Salesforce Trust

Two-Factor Authentication: the #1 thing you can do to protect user accounts

Why consider 2FA

Two-factor authentication (2FA) is a simple security measure built to prevent unauthorized access to user accounts.

Two-factor authentication requires two forms of validation to access an online account. These two factors typically include something you know (e.g., a password) and something you have (e.g., a code generated on a mobile device). By requiring more than one factor during the authentication process, there is increased assurance the user's access is authorized. While there is risk that a single factor such as a password may be compromised, requiring a second factor can effectively mitigate this risk.

Get Started




2FA Impact on Security

In order to keep your business running and your data safe it is important that each of your users' credentials are used only by those authorized users. Implementing two-factor authentication is one of simplest and most effective actions your company can take to improve security of your Salesforce deployment.

2FA Options for Salesforce Customers

Salesforce supports multiple methods of two-factor authentication including U2F Tokens, OAUTH HOTPs, Temporary Tokens, and Salesforce Authenticator. Additionally, Salesforce has a wide variety of built-in tools for scaling your deployment, including 2FA delegation, reports, dashboards, and email adoption campaigns.

Download the Admin Rollout Guide

2FA using Salesforce Authenticator

Salesforce Authenticator is a smart, simple, two-factor authentication solution that increases the security of your Salesforce deployment. Salesforce Administrators can increase security while driving a better user experience by adding this feature.

Salesforce Authenticator is a mobile app downloaded by each user. Upon entry of the user's credentials into the Salesforce login page, the app tells the user:

  • What action needs to be approved
  • What user is requesting the action
  • From which service is the requested action coming
  • What device the user is using
  • From what location would the user approve or deny this request

With this information, the user can simply tap the "Approve" or "Deny" button to execute the decision, and thus complete authentication quickly and get on with the intended task.

Download the Whitepaper




Learn on Trailhead

User Authentication

Explore security features such as two-factor authentication, custom domains, and single sign-on.

Earn the Badge

Security Basics

Educate your users, protect your Salesforce org, and encourage a culture of security.

Earn the Badge

Identity Basics

Secure your org so users can log in once to access a variety of apps, orgs, and services.

Earn the Badge


Official Partner of
Lock Down Your Login

Salesforce is proud to be an official partner of the Lock Down Your Login campaign, a STOP. THINK. CONNECT.™ initiative.

For more information visit