Newer Version Available

This content describes an older version of this product. View Latest

Setting Two-Factor Authentication Login Requirements

Administrators can require users to enter a time-based token generated from an authenticator app when they log into Salesforce.
Available in: Enterprise, Performance, Unlimited, Developer, and Database.com Editions

User Permissions Needed
To edit profiles and permission sets: “Manage Profiles and Permission Sets”

To require this verification every time users log into Salesforce, select the “Two-Factor Authentication for User Interface Logins” permission in the user profile or permission set.

Watch Video Demo Enhancing Security with Two-Factor Authentication (6:56 minutes)

See a demonstration of Two-Factor Authentication for Salesforce, and when to use it.

Note

Users are prompted to add a time-based token the next time they log into Salesforce. They must enter the changing token from their mobile app every time they log in.

Users aren’t asked for a verification code the first time they log in to Salesforce.

Note

Once users add a time-based token to their account they can also use the token to confirm their identity when they activate their computer. Partner Portal and Customer Portal users aren’t required to activate computers to log in.