Multi Factor Authentication, What it is and how to set it up

NEW from the Tether Tips Blog – Multi-Factor Authentication: What it is and how to set it up.

A really helpful tip from our Salesforce Administrator Simon O Leary this week.


As of February 1, 2022, it will be required for every Salesforce Org to have Multi-Factor Authentication (Or MFA for short) activated. So, what is MFA?

MFA means you will need more than a username and password to log in to your org. This usually means an alert is sent to your phone when your username is used and you have to authenticate this login. MFA provides more security for your org, helping protect your data.

There are multiple ways to verify your login, below are the three Salesforce offer:

In this article we will discuss setting up the Salesforce Authenticator method as it is free and available to everybody.

Note: This method of MFA will require the Salesforce Authenticator mobile app.

So how do I set this up?

Setting this up is quite easy, although will require your systems administrator to do so. First you will want to create a Permission Set and call it something along the lines of “MFA Permission Set” so it is easily identified. To do this you should go to Setup and search “Permission Sets” in the quick find bar.

Creating the default formula

From here you select “New” and you will be presented with the permission set creator as seen in the image below: 

You can select a license type from the drop down at the bottom which will apply this set to all users of that license, however in this case we will assign to our users individually.

Now that it has been created, we have to enable the necessary settings. To find the MFA settings go to System Permissions, click “Edit” at the top and search for “Multi-Factor Authentication for User Interface Logins”, as seen in the image below.

With this enabled you can click “Save” at the top and just like that your MFA permission set is finished.

To assign this to users, select the “Manage Assignments” button at the top of the permission set and then “Add Assignments”. This will present you with a list of users in your Org and you can enable MFA for them by ticking the boxes beside their name and selecting “Assign”.

Before activating this for everybody in the org, it might be a good idea to test it for yourself first, and then roll it out in waves. It is also strongly advised to alert users before activating MFA on their account, and reminding them to register another method of verification, such as the Salesforce Authenticator app. This will reduce disruption on the day their MFA is activated.

And with that, you have Multi-factor Authentication ready to go and can roll it out as you choose to your users!

Thanks for reading, We hope this has helped.

The Tether Team

#salesforce #salesforcecrm #tethertips #crm

Share the Post: