Loading
Salesforce now sends email only from verified domains. Read More
Identify Your Users and Manage Access
Table of Contents
Filter by (0)Add
Select Filters

          No results
          No results
          Here are some search tips

          Check the spelling of your keywords.
          Use more general search terms.
          Select fewer filters to broaden your search.

            Search all of Salesforce Help
            Search all of Salesforce Help
            Use SMS as an MFA Verification Method for External Users

            You are here:

            1. Salesforce Help
            2. Docs
            3. Identify Your Users and Manage Access

            Use SMS as an MFA Verification Method for External Users

            If you enable multi-factor authentication (MFA) for your customer or partner Experience Cloud sites, external users can log in using one-time passcodes delivered via SMS text messages. Users need only a verified mobile number and access to their device when they log in. This option is available for external users only. External users can also verify their identity with other supported MFA verification methods such as Salesforce Authenticator built-in authenticators, security keys, and third-party authenticator apps.

            Required Editions

            Available in: both Salesforce Classic and Lightning Experience
            Available in: all editions
            User Permissions Needed
            To edit profiles and permission sets: Manage Profiles and Permission Sets

            By default, when external users register for MFA, they can choose from all supported verification methods. But when you enable SMS one-time passcodes for MFA, that method is the only one available to users during the initial registration process. After registration, users can add any other supported verification method to their account from the Advanced User Details or Personal Information page. If multiple verification methods are connected to an external user’s account, Salesforce automatically uses the strongest method available for MFA logins.

            Before you begin:

            To enable SMS text messages for MFA:

            1. Contact Salesforce Customer Support to allow the use of one-time passcodes delivered via SMS text messages as an MFA verification method for external users.
            2. Assign the Let external users verify their identity by text (SMS) permission to users via custom user profiles or permission sets.
              When users log in again, they’re prompted to register and verify a mobile number if they haven’t already done so.
            Note
            Note Because one-time passcodes delivered via text messages are less secure than other MFA verification methods, this option is available for external users only. Internal users who access the Salesforce user interface need a strong verification method. For more information about how internal users can satisfy the contractual requirement to use MFA, see the Salesforce Multi-Factor Authentication FAQ.

            See Also

             
            Loading
            Salesforce Help | Article