Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Enable Built-In Authenticators for Identity Verification in Salesforce Orgs

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Enable Built-In Authenticators for Identity Verification in Salesforce Orgs

            Allow your users to verify their identity for multi-factor authentication (MFA) or device activation with a built-in authenticator that’s already on their device, such as Touch ID or Windows Hello. After you enable this method, users can register the built-in authenticator on their device so it’s connected to their Salesforce account. Built-in authenticators are phishing-resistant. Enabling and requiring them is a security best practice.

            Required Editions

            Available in: both Salesforce Classic and Lightning Experience
            Available in: all editions
            User Permissions Needed
            To enable built-in authenticators:

            Customize Application

            AND

            Manage Users

            In orgs created in Summer ’25 and later, this setting is enabled by default.

            1. From Setup, in the Quick Find box, enter Identity Verification, and then select Identity Verification.
            2. Select Let users verify their identity with a built-in authenticator such as Touch ID or Windows Hello.
            3. Save the settings.

            See Also

             
            Loading
            Salesforce Help | Article