Multi-Factor Authentication (MFA) adds an extra layer of security to your FieldKo Salesforce account. It requires a second step (beyond your password) to verify your identity when logging in.
In our case, we use Salesforce Authenticator, a free mobile app, to approve login requests on your phone. This guide will walk you through setting up Salesforce Authenticator for the first time, and explain how to re-link it if you get a new phone.
What You’ll Need
Salesforce Authenticator mobile app – Installed on your smartphone (download it from the Apple App Store or Google Play Store).
Your Salesforce login details – Username and password for your FieldKo Salesforce account.
A computer – To log in to Salesforce and complete the setup steps (while using your phone for the app).
A mobile data or Wi-Fi connection – Both your phone and computer should be online during setup.
First-Time Setup: Connecting Salesforce Authenticator
Follow these steps to register the Salesforce Authenticator app as your MFA verification method:
Install the Authenticator App on your phone: If you haven’t already, download and install Salesforce Authenticator from your app store. It’s available on iPhones via the App Store and on Android via Google Play. Once installed, open the app. (If it’s your first time opening it, you can go through the brief tour or skip straight to adding your account.)
Log in to Salesforce on your computer: On your computer or tablet, open the Salesforce login page and log in with your username and password as usual.
If prompted to set up MFA: Salesforce may automatically show a Connect Salesforce Authenticator screen after you enter your password. This is where you’ll connect the app – proceed to the next step.
If NOT prompted: You can manually start the connection. In Lightning Experience, click your profile avatar (top right) and select Settings to open your personal settings. In the left sidebar’s Quick Find search box, type "Advanced User Details" (or find Personal Information), then click Advanced User Details. Scroll down to find App Registration: Salesforce Authenticator and click Connect. (You might be asked to log in again or enter a verification code sent to your email or phone before continuing.)
Add your account in the mobile app: Now, on your phone, with the Salesforce Authenticator app open, tap Add an Account. The app will display a unique two-word phrase on the screen (for example, it might show words like "exact research"). This phrase is used to link your app to your Salesforce account.
Enter the two-word phrase in Salesforce: Back on your computer, you should see a field asking for the two-word phrase. Carefully type the two-word phrase exactly as it appears on your phone into the Salesforce screen, then click Connect.
Complete the connection on your phone: Look at the Salesforce Authenticator app on your phone again. It should now show details about the account that you’re connecting (e.g. your Salesforce username, the browser or device you’re using, and your location). If everything looks correct, tap Connect in the app to confirm the pairing.
Finish and confirm: Once you tap Connect, the setup is complete! You should see a confirmation on the Salesforce login screen that the authenticator is connected. You’ll also receive a confirmation email from Salesforce indicating a new verification method was added to your account. Going forward, your Salesforce account is secured with MFA.
Using MFA After Setup: The next time you log in to Salesforce, after entering your username and password, you’ll be prompted to verify your login. Salesforce Authenticator will send a notification to your phone. Just open the app, review the login details, and tap Approve to finish logging in. That’s it – you’re in! (If you ever don’t get a push notification, open the Authenticator app manually. It always shows a 6-digit code for your account that you can enter as a backup verification method.)
What If I Get a New Phone? Re-Linking Salesforce Authenticator
Upgrading or changing phones is common – here’s how to move your Salesforce Authenticator MFA to your new device. There are two ways to re-link the app on a new phone:
Option 1: Use the Authenticator App’s Backup & Restore (if set up)
If you enabled backup for your accounts in the Salesforce Authenticator app on your old phone, you can easily restore those accounts on your new phone. Salesforce Authenticator version 4.0+ lets you back up accounts via your verified email (older versions use your mobile number).
Enable Backup on old phone (if not already done): On your old device, open Salesforce Authenticator, go to Settings (or tap the cloud icon 🔁) and ensure Back Up Accounts is turned on. You’ll be prompted to verify an email address and set a passcode for the backup. (If you’ve already done this in the past, you can skip this step.)
Restore on the new phone: Install Salesforce Authenticator on your new phone and open it. On the welcome screen, tap Restore from Backup. Sign in with the same email (or phone number) that you used to back up, and enter the verification code sent to your email/SMS to confirm the restore.
Enter backup passcode: Finally, enter the backup passcode you set earlier to decrypt and restore your accounts. Once you do this, your Salesforce account (and any other accounts you had in the app) will appear in the Authenticator app on the new phone, fully linked and ready to use. 🎉
Test the new device: Log in to Salesforce with MFA using the new phone to ensure everything works. You should receive the approval request on your new phone now.
Remove old app (optional): If all is working on the new phone, you can uninstall or delete the Salesforce Authenticator app from your old phone. This prevents any confusion and ensures only your new device can approve logins.
Option 2: Manually Disconnect and Re-Connect the App
If you did not use the backup feature, or don’t have access to it, you can re-link the authenticator by disconnecting the old device and connecting the new one manually:
Log in with your old MFA (if possible): Make sure you can log in to Salesforce at least one more time using your old phone (approve the MFA request on the old device). This will allow you to disable the old phone and add the new one. If you no longer have the old phone, see the note at the end of this section.
Disconnect the old device in Salesforce: In Salesforce (Lightning) on your computer, go to your Settings -> Advanced User Details (as described in the first-time setup). In the App Registration: Salesforce Authenticator section, you should see your old device listed. Click Disconnect to remove the old phone as a verification method. Confirm any prompts. This tells Salesforce you’ll no longer use that device for MFA.
Connect your new phone: Now, with the old device removed, click Connect (it should be available once the old one is disconnected) to set up a new authenticator. On your new phone, open the Salesforce Authenticator app and tap Add an Account to get a fresh two-word phrase (just like you did during first-time setup). Enter that two-word phrase into the Salesforce connection screen and click Connect, then tap Connect on your phone to confirm and pair the new device.
Finish and test: You’ll get a success message once the new phone is linked. Salesforce will send an email confirming you added a new authenticator. Now try logging out and logging back in to make sure the MFA prompt goes to your new phone (and approve the request to verify). If it works, you’re all set on the new device!
Remove or turn off the old app: If you still have the old phone, go ahead and remove the Salesforce Authenticator app or at least ensure it’s not connected to your account anymore. Only your new phone should receive login approvals going forward.
Note: If you no longer have access to your old phone and didn’t back up your Authenticator, you might be locked out of Salesforce because you can’t approve the login. In this case, you’ll need to contact a Salesforce administrator to help you disable MFA for your user temporarily or register a new verification method. An admin can disconnect the lost device from your account, allowing you to log in and set up a new authenticator. Always reach out for help if you’re stuck – your admin can get you back in if your MFA device is lost or replaced.
Need Help?
If you run into any issues during setup or have questions, feel free to reach out to the FieldKo support team for assistance. Remember, MFA is there to protect your account, and once Salesforce Authenticator is set up, logging in is quick and secure with just a tap on your phone.