Two-factor authentication in Salesforce
Two-factor authentication in Salesforce is a two-step login process. You can enable it if your users need more security rather than the ordinary login process. In this process, once the user logs in using their username and password, a token or passcode is sent to their device, which they need to enter in order to finally log in.
Time-based tokens can now be used as a substitute to SMS-based (not available for non-English organizations) and e-mail-based login verification to activate a computer:
1. Download the supported Authenticator app for your mobile devices.
2. Create one permission set with the name Two Factor Authentication.
To do this, navigate to Name | Setup | Manage Users | Permission sets | New and enter the data as shown in the following screenshot:
3. Add the Two-Factor Authentication for User Interface Logins system permission in the newly-created permission sets.
4. Now, navigate to the user's record for which you want to enable Two Factor Authentication.
5. Add this permission set to the user's record by clicking on the Edit Assignments button in the list related to Permission Sets Assignments on the user's record.
6. Now, log out from Salesforce and log in using your credentials; you will come across the following page:
7. Open Google Authenticator App on your mobile and scan the QR code, and it will look like the following screenshot:
8. Enter this code in the login screen and access your organization.
Removing Time-Based Token/Two-Factor Authentication
It's very easy to do this; just navigate to the user's record and click on the Remove link beside Time-Based Token:
More about Two-factor authentication in Salesforce
Thanks for reading......