Newer Version Available

This content describes an older version of this product. View Latest

Adding a Time-Based Token

You can associate a time-based token generator with your account, if your administrator requires an authenticator app generated value when you log in for increased security.
Available in: All Editions

Your administrator can set your account to require more than just your password to log in or access parts of the Salesforce organization. This additional level of security is a second “factor” of authentication. If your administrator has set this requirement, you need to configure this additional factor (usually an authenticator app that displays a code, such as Google Authenticator) for you account. This additional factor of authentication generates your time-based token (usually a numeric code). Once you associate the time-based token generator to your account, you’ll be prompted to enter the changing value from the authenticator app whenever you log in to Salesforce.

  1. Download the supported authenticator app for the type of device you’re using. This can be any authenticator app that supports the time-based one-time password (TOTP) algorithm ( IETF RFC 6238), such as Salesforce Authenticator for iOS, Salesforce Authenticator for Android, and Google Authenticator.
  2. From your user Advanced User Details page in Salesforce, find Time-Based Token and click Add .
  3. For security purposes, you’re prompted to log into your account.
  4. Scan the QR code with the authenticator app on your mobile device.
    Alternatively, you can manually enter your username and the key displayed when you click Can’t scan the QR code? into the app.
  5. Enter the value generated by the authenticator app into the Token field in Salesforce.
    The authenticator app generates a new token value, periodically. Enter the current value.
  6. Click Verify and Add.