
Introduction To Multi-Factor Authentication In Salesforce


If you’re like most business owners, your organization’s data is probably its most valuable asset, and keeping it secure is paramount. With remote work becoming the norm, opportunities for hackers and ransomware are increasing rapidly. Multi-factor authentication adds an extra layer of protection against common threats such as phishing attacks, credential stuffing, and account takeovers. Implementing MFA for Salesforce, and for products built on the Salesforce Platform, is among the most effective ways to increase the security of Salesforce data.

What Is MFA?

Multi-factor authentication (MFA) is a secure authentication method that requires users to verify their identity by providing two or more pieces of evidence (or “factors”) when they log in. One factor is something the user knows, such as their username and password. Another factor is something only the user has, such as an authenticator app or security key.

Salesforce offers several available multi-factor authentication methods:

Salesforce Authenticator: A free mobile app that integrates with your login process to let users verify their identity via push notifications. 

Third-party TOTP authentication applications: Applications that generate a unique temporary verification code that the user enters when prompted. This code is called a time-based one-time password, or TOTP for short. Users can choose from various options, including Google Authenticator, Microsoft Authenticator, or Authy.

Security keys: Small physical tokens that look similar to a thumb drive. To log in with this option, users connect the key to their computer and press the key’s button to verify their identity. Users can use any key compatible with the FIDO Universal Second Factor (U2F) standard, such as Yubico’s YubiKey or Google’s Titan Security Key.
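How a TOTP app and the server arrive at the same code, as an added example (not from the original article and not Salesforce's implementation): RFC 6238 code generation plus a verifier that tolerates one step of clock drift and refuses a code it has already accepted. The secret is the RFC 6238 test key, and `TotpVerifier` is a hypothetical name.

```python
import base64
import hashlib
import hmac
import struct
import time

def totp(secret_b32, at=None, digits=6, step=30):
    """RFC 6238 code (HMAC-SHA1) for Unix time `at`; defaults to now."""
    key = base64.b32decode(secret_b32.upper())
    counter = int((time.time() if at is None else at) // step)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation from RFC 4226
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

class TotpVerifier:
    """Server-side check: small drift window, each time step accepted once."""

    def __init__(self, secret_b32, drift_steps=1, step=30):
        self.secret = secret_b32
        self.drift = drift_steps
        self.step = step
        self.last_used = -1  # highest time-step counter already accepted

    def verify(self, code, at=None):
        if not (code.isascii() and code.isdigit()):
            return False
        current = int((time.time() if at is None else at) // self.step)
        first = max(0, current - self.drift)
        for counter in range(first, current + self.drift + 1):
            expected = totp(self.secret, counter * self.step, len(code), self.step)
            # Constant-time compare; a step at or below last_used is a replay.
            if hmac.compare_digest(expected, code) and counter > self.last_used:
                self.last_used = counter
                return True
        return False

# Shared secret from the RFC 6238 test vectors (ASCII "12345678901234567890").
RFC_SECRET = base64.b32encode(b"12345678901234567890").decode()

if __name__ == "__main__":
    verifier = TotpVerifier(RFC_SECRET)
    code = totp(RFC_SECRET, at=59, digits=8)
    print(code, verifier.verify(code, at=59), verifier.verify(code, at=59))
```

The second `verify` call fails even though the code is still inside its time window, which is what stops a phished or shoulder-surfed code from being reused.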

How To Implement MFA Using Salesforce Authenticator Mobile App

Users can be authenticated during login using the Salesforce Authenticator app, a free mobile app that integrates with the user login process. Users verify their identity quickly by responding to a push notification in the mobile app.


Prerequisites:

  • Admin user of the Salesforce org
  • A smartphone

Here are the steps we need to follow to set up MFA using the Salesforce Authenticator mobile app method:

Step 1: Set the session security level for MFA

First, open Setup from the gear icon at the top of the Salesforce org. In the Quick Find box, search for Session Settings and click it. Then, in the Session Security Levels section at the bottom of the Session Settings page, add Multi-Factor Authentication to the High Assurance category.

Step 2: Create a Permission set for MFA

Next, search for Permission Sets in the Quick Find box and click it. Create a new permission set.

Give it any name you like. Mine is called MFA Authorization.

Go to System Permissions under the System section.

Edit the System Permissions.

Enable the Multi-Factor Authentication for User Interface permission, then confirm the change by clicking the Save button.

Step 3: Assign the Permission Set to Users

Next, assign the permission set you created to users. Click the Manage Assignments button on the permission set.

Then click Add Assignments under Manage Assignments.

Moving forward, assign the user you want to add to the permission list. As you can see in the picture below, I have assigned one user whose username is

Your user is assigned to the permission set.

Step 4: Setup the Salesforce Authenticator App

You must first download the Salesforce Authenticator app on your mobile device. The app can back up your connected accounts, so if you lose, damage, or replace your mobile device, you can restore those accounts on another mobile device.

Step 5: Connect the Salesforce org to the Authenticator App

To connect the Authenticator app, you must log out of your org and log in again. The following screen will appear.

Here, you have to enter the two-word phrase that the Authenticator app gives you. Now download the Salesforce Authenticator app.

Here are the links for downloading the Salesforce Authenticator App:

Android –


After the download completes, open the app and tap the Add an Account button.

The app then shows a two-word phrase, which you have to enter in the org on your desktop screen.

Enter the two-word phrase there and click Connect.

A prompt then appears on your smartphone asking you to confirm that you want to connect to this org. Select Connect on your smartphone, and you’re good to go. MFA is now fully set up.

To verify, log out and log in again. The org should ask for a confirmation, which you approve from the Authenticator app on your smartphone.

When you try to log in to the org, this screen is shown, and a notification appears in the smartphone app asking you to confirm the login.
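A check to run after Steps 2 and 3, as an added example (not from the original article): it takes the rows returned by two SOQL queries and lists the active users who hold no permission set or profile that grants the MFA permission. It assumes the permission's API field name is `PermissionsForceTwoFactor`; the function name, usernames, IDs and the `MFA_Authorization` API name are constructed.

```python
# SOQL that produces the two inputs. PermissionsForceTwoFactor is assumed to be
# the API name of the MFA-for-user-interface-logins permission.
USERS_SOQL = "SELECT Id, Username FROM User WHERE IsActive = true"
GRANTS_SOQL = (
    "SELECT AssigneeId, PermissionSet.Name, PermissionSet.IsOwnedByProfile "
    "FROM PermissionSetAssignment "
    "WHERE PermissionSet.PermissionsForceTwoFactor = true"
)

def mfa_coverage(users, grants):
    """Return (covered, missing) for the active users in `users`.

    covered maps username -> list of sources that force MFA at login;
    missing is a sorted list of usernames with no such assignment.
    """
    by_id = {u["Id"]: u["Username"] for u in users}
    covered = {}
    for grant in grants:
        username = by_id.get(grant["AssigneeId"])
        if username is None:  # assignee is inactive or was not exported
            continue
        pset = grant["PermissionSet"]
        # A profile's permissions surface as a profile-owned permission set.
        kind = "profile" if pset["IsOwnedByProfile"] else "permission set"
        covered.setdefault(username, []).append(f"{kind}: {pset['Name']}")
    missing = sorted(set(by_id.values()) - set(covered))
    return covered, missing

# Constructed sample rows, shaped like the records the queries return.
SAMPLE_USERS = [
    {"Id": "005000000000001AAA", "Username": "admin@example.com"},
    {"Id": "005000000000002AAA", "Username": "sales.rep@example.com"},
    {"Id": "005000000000003AAA", "Username": "integration@example.com"},
]
SAMPLE_GRANTS = [
    {"AssigneeId": "005000000000001AAA",
     "PermissionSet": {"Name": "MFA_Authorization", "IsOwnedByProfile": False}},
    {"AssigneeId": "005000000000009AAA",  # inactive user, absent from SAMPLE_USERS
     "PermissionSet": {"Name": "MFA_Authorization", "IsOwnedByProfile": False}},
]

if __name__ == "__main__":
    covered, missing = mfa_coverage(SAMPLE_USERS, SAMPLE_GRANTS)
    for name, sources in covered.items():
        print("MFA enforced:", name, sources)
    for name in missing:
        print("MFA NOT enforced:", name)
```

Anyone in the `missing` list can still log in with a password alone, so the list should be empty, or hold only deliberately exempted accounts, before the rollout is considered finished.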


Starting February 1, 2022, all Salesforce users must use multifactor authentication (MFA) to access Salesforce products. Also, MFA is available at no additional cost.

Salesforce provides a simple and innovative MFA solution that offers solid security with ease of use. Salesforce products that contain user and customer information support various robust verification methods to cater to your business requirements. The new Salesforce MFA mandate helps you protect yourself and your organization from potential breaches by requiring users to complete MFA before they can access sensitive data.

In times of crisis and as organizations shift to a more mobile workforce, it is more important than ever to add extra protection against unauthorized access attempts. Salesforce MFA provides additional protection against common security threats such as phishing attacks and account takeovers. 

Need expert Salesforce consulting services to increase your bottom line? As one of the top Salesforce consulting companies, Cloud Analogy experts are well versed in strategic planning, implementation, and consulting services to help you achieve your business goals and boost your productivity. Contact us today to learn how we can help.


Ajay Dubedi

CEO | Founder
Ajay Dubedi, the founder and CEO of Cloud Analogy, is a prominent Salesforce Sales, Service, and Marketing cloud Consultant with a rich expertise in handling challenging business models. Ajay has assisted and implemented solutions in industries comprising Banking, Health Care, Networking, Education, Telecommunication and Manufacturing. Ajay is globally acclaimed for his extensive experience in APEX Programming, VisualForce pages, Triggers, Workflows, Page Layouts, Roles, Profiles, Reports & Dashboards.
