Delegate MFA Identity Verification Method Disconnection to Non-System Administrator Users

The following setting is configured to allow disconnection as a proxy for the System Administrator:

A. Grant users with a Salesforce License the [Manage Multi-Factor Authentication in User Interface] permission via a Custom Profile or Permission Set

Note: Users other than the Salesforce License cannot be granted the [Manage Multi-Factor Authentication in User Interface] permission. In that case, there is a separate option below.

Reference: 

• Delegate MFA Management Tasks for Salesforce Orgs
• Sales Service Cloud : How to Disconnect a User's Multi-Factor Authentication (MFA)

B. Utilize the Delegated Administrator function to log in as another user and perform the disconnection

- Create a delegated group using the Delegated Administrator function with [Enable Login Access] set to ON.

- Set the user who is to be the Delegated Administrator as the [Delegated Administrator].

- Perform the disconnection from the [Advanced User Details] screen by logging in as that user through Login Access.

Reference: 

• Set up a Delegated Administrator
• Log In as Another User
• How to Disconnect a Multi-Factor Authentication (MFA) Verification Method as a User