Security Implementation Guide
Summer '26 (API version 67.0)
Spring '26 (API version 66.0)
Winter '26 (API version 65.0)
Summer '25 (API version 64.0)
Spring '25 (API version 63.0)
Winter '25 (API version 62.0)
Summer '24 (API version 61.0)
Spring '24 (API version 60.0)
Winter '24 (API version 59.0)
Summer '23 (API version 58.0)
Spring '23 (API version 57.0)
Winter '23 (API version 56.0)
Summer '22 (API version 55.0)
Spring '22 (API version 54.0)
Winter '22 (API version 53.0)
Summer '21 (API version 52.0)
Spring '21 (API version 51.0)
Winter '21 (API version 50.0)
Summer '20 (API version 49.0)
Spring '20 (API version 48.0)
Winter '20 (API version 47.0)
Summer '19 (API version 46.0)
Spring '19 (API version 45.0)
Winter '19 (API version 44.0)
Summer '18 (API version 43.0)
Spring '18 (API version 42.0)
Winter '18 (API version 41.0)
Summer '17 (API version 40.0)
Spring '17 (API version 39.0)
Winter '17 (API version 38.0)
Summer '16 (API version 37.0)
Spring '16 (API version 36.0)
Winter '16 (API version 35.0)
Summer '15 (API version 34.0)
Spring '15 (API version 33.0)
Winter '15 (API version 32.0)
Spring '14 (API version 30.0)
Salesforce Security Implementation Guide
Passwords
Single Sign-on Overview
My Domain
Identity Providers
Session Security
Custom Login Flows
Set Password Policies
Expire Passwords for Your Users
Set Trusted IP Ranges for Your Organization
Modify Session Security Settings
Create a Login Flow
Connect a Login Flow to a Profile
Enabling Single Sign-On
Security Tips for Apex and Visualforce Development
Newer Version Available
Configure User Authentication
Choose login settings to ensure that your users are who they say that they
are.
-
Setting Login Restrictions
-
Set Password Policies
To ensure that the appropriate level of password security is used for your organization, specify password requirements with Password Policies settings. -
Expire Passwords for Your Users
As an administrator, you can expire passwords for all users any time you want to enforce extra security for your organization. -
Set Trusted IP Ranges for Your Organization
Trusted IP Ranges define a list of IP addresses from which users can log in without receiving a login challenge for verification of their identity, such as a code sent to their mobile phone. -
Modify Session Security Settings
You can modify session security settings to specify connection type, timeout settings, and more. -
Create a Login Flow
Use the Cloud Flow Designer to build a login flow process, then associate the finished flow with a profile. -
Connect a Login Flow to a Profile
After you create a login flow in Flow Designer and activate the flow, you associate it with a profile in your organization. Users with that profile are then directed to the login flow. -
Salesforce Two-Factor Authentication
Salesforce admins can enhance security by requiring a second level of authentication on every login, called “two-factor authentication” (2FA). You can also require two-factor authentication when a user meets certain criteria, such as attempting to view reports or logging in from an unrecognized IP address. -
Enabling Single Sign-On
-
Connected Apps
-
Desktop Client Access