Salesforce Error: Invalid or expired verification code when using Multi-Factor Authentication (MFA) in Sales and Service

If you are using Salesforce Authenticator

If this error occurs even when entering the correct TOTP code for identity verification using a TOTP code from Salesforce Authenticator, a System Administrator must disconnect the Salesforce Authenticator that is currently connected to the user's account.

• Sales & Service: How to Disconnect a User's Multi-Factor Authentication (MFA)

After disconnection, the user experiencing the error should log into Salesforce and reconnect the Salesforce Authenticator to their account.

• Steps to Set Up Salesforce Authenticator

If you are using a third-party one-time password (TOTP) authentication application

1. Verify that you are entering the correct or a valid verification code.

2. The error can also be displayed if there is a discrepancy in the time settings on the device where the authentication application is installed. Please check the time settings on the device.

   • Troubleshoot Multi-Factor Authentication Issues with Salesforce

   • Excerpt: "Ensure the time on the device running your TOTP authentication app is synchronized with your computer and the official time at http://www.time.gov/— a discrepancy will cause an invalid token error"