Snowflake has announced that single-factor password authentication will soon be deprecated. To ensure uninterrupted access and enhanced security, we recommend updating your Snowflake connections to use key pair authentication instead of username/password authentication.
What’s Changing?
Starting April 2025 and ending November 2025, Snowflake will block single-factor authentication using only a username and password. Depending on your account setup, this change may take effect at different times within this period. If your integrations or scripts rely on this method, they will stop working unless updated.
How to Migrate to Key Pair Authentication
Follow these steps to transition from username/password authentication to username/key pair authentication:
1. Generate an RSA Key Pair
You’ll need to create a public/private key pair:
- Windows: Download OpenSSL from Win32 OpenSSL.
- Mac/Linux: Open a terminal and run:
openssl genrsa 2048 | openssl pkcs8 -topk8 -inform PEM -out rsa_key.p8 -nocrypt
openssl rsa -in rsa_key.p8 -pubout -out rsa_key.pub
2. Assign the Public Key to a Snowflake User
Run the following query in Snowflake to create a user with key pair authentication:
create user CELIGO_IO_NEW
default_warehouse = 'DEMO_WH'
login_name = 'CELIGO_IO_NEW'
display_name = 'CELIGO_IO_NEW'
default_role = 'SYSADMIN'
type = 'SERVICE'
rsa_public_key = '<INSERT_PUBLIC_KEY_HERE>'
;
Replace <INSERT_PUBLIC_KEY_HERE>
with the contents of your rsa_key.pub
file.
3. Update Your Connection in Integrator.io
- Go to Connections in Celigo’s integrator.io.
- Edit your Snowflake connection.
- Switch authentication type to Key Pair Authentication.
- Upload the private key (
rsa_key.pem
). - Save and test the connection.
Additional Resources
For more details, refer to the official Snowflake documentation:
- Snowflake Blog: Blocking Single-Factor Password Authentication
- Snowflake Key Pair Authentication Guide
Check out the video below for a step-by-step walkthrough of the migration process!
If you have any questions, drop a comment below!