Salesforce - Manage Multi-Factor Authentication (MFA) Options
Admins can assist with lost access through the normal setup page for users and then generating temporary verification codes. Users can manage MFA options in the Advanced User Details page in their user profile settings. These do not cause MFA to be enabled, as MFA is enabled by a permission set.
Instructions as a Salesforce Admin
If users have a lost access to their multi-factor method and need to reset it, an admin can go through the following process to generate a temporary code which can provide access with a minimum duration of 1 hour. Of course, the identity of the person should be confirmed before providing access to the code.
Log into Salesforce, go to Setup
Go to Users and select a user account
On the “User Detail” page, view the section shown below for “Temporary Verification Code”. Click on “Generate” to create a code which should be securely provided to the user requiring access.
Instructions as a Salesforce User
For users to add additional methods or disconnect existing methods, they can log onto their account and go to Advanced User Details.
Log into Salesforce, click on your profile
Select “Settings”
Advanced User Details
In the User detail, view the section shown below (the image shows already configured MFA options which can be disconnected):
App Registration: One-Time Password Authenticator (for example, Google Authenticator or any one-time passcode app)
App Registration: Salesforce Authenticator - Salesforce Authenticator App for push notifications
Security Key (U2F) - physical key for MFA
Lightning Login - removes need for password at login, allow login with push notification after email address is entered.
Temporary Verification Code - generate temporary codes if accessed is lost.
Related articles
Salesforce - Enabling Multi-Factor Authentication (MFA)