Let users who aren’t Salesforce admins provide support for two-factor authentication in your org. For example, suppose you want your company’s Help Desk staff to generate temporary verification codes for users who lost or forgot the device they usually use for two-factor authentication. Assign Help Desk staff members the “Manage Two-Factor Authentication in User Interface” permission so that they can generate codes and support end users with other two-factor authentication tasks.
|Available in: Both Salesforce Classic and Lightning Experience|
|Available in: Contact Manager, Group, Professional, Enterprise, Performance, Unlimited, and Developer Editions|
|To edit profiles and permission sets:||“Manage Profiles and Permission Sets”|
To assign the permission, select “Manage Two-Factor Authentication in User Interface” in the user profile (for cloned profiles only) or permission set. Users with the permission can perform the following tasks.
- Generate a temporary verification code for a user who can’t access the device normally used for two-factor authentication.
- Disconnect identity verification methods from a user’s account when the user loses or replaces a device.
- View user identity verification activity on the Identity Verification History page.
- View the Identity Verification Methods report by clicking a link on the Identity Verification History page.
- Create user list views that show which identity verification methods users have registered.
Although non-admin users with the permission can view the Identity Verification Methods report, they can’t create custom reports that include data restricted to users with the “Manage Users” permission.