Newer Version Available

This content describes an older version of this product. View Latest

Network-Based Security

Network-based security limits where users can log in from, and when they can log in. This is different from user authentication, which only determines who can log in. Use network-based security to limit the window of opportunity for an attacker and to make it more difficult for an attacker to use stolen credentials.

To enhance network-based security, you can restrict the hours during which users can log in. You can also restrict the range of IP addresses from which users can log in and access Salesforce. If IP address restrictions are defined for a user’s profile and a login originates from an unknown IP address, Salesforce does not allow the login. These restrictions help protect your data from unauthorized access and phishing attacks.

To set the organization-wide list of trusted IP addresses from which users can always log in without a login challenge, see Set Trusted IP Ranges for Your Organization. To restrict login hours by profile, or to restrict login and access requests by IP addresses for specific profiles, see Setting Login Restrictions.