You are here:
Register for Multi-Factor Authentication (or Get a Little More Time If You Need It)
To protect your account against cyberthreats, logins now require multi-factor authentication (MFA) in addition to your username and password. To finish logging in, register a verification method that proves your identity. Not ready for MFA? You can skip it during a small grace period. After that, MFA is required for every login unless a Salesforce admin turns it off temporarily.
Register an Identity Verification Method for MFA
Pick one of these verification methods, then follow the on-screen registration steps. Not sure which option to use? Talk to your Salesforce admin.
| Salesforce Authenticator | Built-In Authenticator | Security Key (U2F or WebAuthn) | Third-Party Authenticator |
|---|---|---|---|
|
|
|
|
The registration process starts differently depending on your org. You see either a list of verification methods or you start with the option to connect Salesforce Authenticator.
|
|
|
Not seeing the last two options in the list? Ask your Salesforce admin to add them. |
Don’t want to use Salesforce Authenticator? Select the highlighted link. |
Skip MFA If You’re Not Ready for It
Your org has a 30-day grace period where you can log in without MFA. Select Log In Without Setting Up MFA at the bottom of the registration screen.
It’s possible your org’s grace period started before you logged in. A timer at the bottom of the registration page shows how many days are remaining.
30 Days Not Enough? Salesforce Admins Can Temporarily Disable MFA
If you’re a Salesforce admin and your users aren’t ready for MFA after the 30-day grace period ends, you can temporarily disable MFA for your org. From Setup, in the Quick Find box, enter Identity, and then select Identity Verification. Deselect Require multi-factor authentication (MFA) for all direct UI logins to your Salesforce org, then save your changes.
Turning off MFA means you’re no longer complying with the contractual requirement to use it. Re-enable it as soon as possible. All admins for the org receive periodic in-app warnings until MFA is turned on again. For full details about the MFA requirement, see the Salesforce Multi-Factor Authentication FAQ.
