Plan To Implement MFA
Configuring Permission Set in salesforce
- Login into your Salesforce account
- On the setup page, search “Permission Set.”
- Click the “New” button to create a new permission set for the user and enter the label name. The API name will automatically generate, then click the “Save” button.

- Save
Figure 1 : New Permission Set
- After saving, scroll down and click “System Permissions” under the system section in the created permission set. Then click the “Edit” button.

- Save
Figure 2 : Edit System Permission
Enabling and configuring MFA in Salesforce
- Scroll down or search “Multi-Factor Authentication for User Interface Logins” and enable the check box. To save the update, click the “Save” button.

- Save
Figure 3 : Check Multi-Factor Authentication for User Interface Logins
Add User To permission set
- Click the “Manage Assignments” button and then click the “Add Assignments” button to add users.

- Save
- Select the user to enable two-factor authentication, then click the “Assign” button.

- Save
- Click the “Done” button and activate the created permission set.
- Log out of your Salesforce account.

- Save
Figure 4 : Log Out of Account
Download and install the Salesforce Authenticator
- Download and install the “Salesforce Authenticator” application from your mobile device’s app market.

- Save
Figure 5 : Download Salesforce Authenticator
- Open the “Salesforce Authenticator” app and click “Add an Account.”

- Save
Figure 6 : Open Salesforce Authenticator
- On your mobile device, the app displays a two-word phrase authenticator. Hold that word on your mobile device.

- Save
Figure 7 : Two-Word Phrase in App
Test MAF In Salesforce
- Log in to the Salesforce account that created the permission set.

- Save
Figure 8 : Account Login
- After clicking on the login button, the “Connect Salesforce Authenticator” page will be opened. Enter the two-word phrase from the Salesforce Authenticator application and then click the “Connect” button.

- Save
Figure 9 : Connect Salesforce Authenticator Page
- Now, check your Salesforce Authenticator app; it will prompt you to connect with the authenticator. Click on the “Connect” button.

- Save
Figure 10 : Connect Account Request Page
- Your mobile device now displays your username and service name. Check the details after clicking the “Connect” button on your mobile device.

- Save
Figure 11 : Username and Service Name Details
- If successfully connected, you’ll be automatically redirected to your Salesforce account’s main page. You can log out of this session to test your multi-factor authentication.

- Save
Figure 12 : Log Out Current Account Session
- Again, enter your login credentials and then click the “Login” button.

- Save
Figure 13 : Log in to Your Account
- Check your Salesforce Authenticator app; it will prompt you to approve this log in or not. Click the “Approve” button to approve this login session.

- Save
Figure 14 : Salesforce Authenticator App with Details
- Your login is approved; you’ll be automatically redirected to your Salesforce account’s main page.

- Save