Brian Walsh
Apr 8, 2014

In 2012, Mat Honan from Wired, detailed his horrible experience of being personally hacked. The hackers were able to leverage security flaws in Amazon and Apple to get into his Gmail account, and eventually, take over his coveted, three-letter Twitter handle of @mat. This could have, however, been thwarted if he had configured two factor authentication for Google. Google provides this as a free feature, pairing the web authentication functionality with either SMS or its free Google Authenticator mobile application (Android, iOS). In Winter 2014, Salesforce enabled two factor authentication for no additional cost. In addition to supporting the free Google Authenticator application, it also provides its own mobile applications (Android, iOS) and supports third-party services. Details can be found here. Enabling two factor authentication can be done in less than five minutes. Here are the steps:

First, create a permission set with the two factor authentication setting


Next, assign user(s) to the permission set


Finally, when the user logs back in, they will be presented with a QR code and links for the mobile applications. After installing the mobile application, the user simply scans the QR code. Whenever the user needs to log in, they enter their username/password (as they always have) followed by entering the verification code from their mobile application:


Here is a screenshot of the Android version of the Google Authenticator:


If the user loses, upgrades, or changes phones, you will need to reset their Auth token. There is a link on the user detail page to reset the Time-Based Token. This will generate a new QR code for the user at login.


If you are looking to provide additional security for your Salesforce org, consider adding two factor authentication. Time and complexity to configure for your users should not be an issue!

Accelerate your ISV Work.com strategy

Stay in the know on all things SaaS and Salesforce with The Decoder.

Join Our Newsletter

See what our newsletter has to offer:

Check out a recent copy here!

Join Our Mailing List