Table of Contents
Introduction
Multifactor authentication (MFA) adds a layer of protection to the sign-in process. When accessing accounts or apps, users provide additional identity verification, such as scanning a fingerprint or entering a code received by phone or email.
Different ways to achieve MFA
You can implement MFA using various devices like RSA Toke, Any Authenticator application like Google Authenticator, Microsoft Authenticator, Salesforce Authenticator & etc.
Note: – Image copyright to microsoft.com
Steps to implement
- Create an Email Template
- Create an Email Alert
- Create a Screen Flow
- Create Login Flow
- Test the flow
Setup Email Template
To create the Email template follow the below steps
- Click on App launcher ( 9 dots on the left top) & Search for Email Template
- Click on New Email Template
- For Email Template Name You can give it something like “Your OTP to verify your Identity”
- For Related to Select OTP object
- Provide Subject like “Your OTP to verify your Identity”
- Click Save to Save your Template
Now Click on Edit and Use below content for HTML value
You recently logged in to Salesforce from a browser or app that we need to validate using two-step verification.
Browser: {{{OTP__c.Browser__c}}}
Operating System: {{{OTP__c.OperatingSystem__c}}}
Username: {{{OTP__c.Username__c}}}
To ensure your account’s security, we need to verify your identity. Enter the following code where prompted by auth system
Verification Code: {{{OTP__c.OTP__c}}}
If you didn’t recently log in to Salesforce, or you don’t recognize this browser or operating system, contact your Salesforce administrator.
Create Email Alert
As we have set up the email template, the time is to set up the email alert and this email alert we will use in the flow to send the email to Users when they try to log in.
- Navigate to Setup and Search for Email Alert.
- Click on New Email Alert
- Provide your description
- For Object – Select OTP
- For Email Template Select the Lightning Email Template you have created in the previous Step
- For Recipient Type Select Related User from the Dropdown and then Select “Related User: User”
- Save the Email Alert
Develop flow
As we have discussed that the Login Flows is nothing those are Screen flow. So in this demo, we will create a Screen Flow
There is some text content that I have used. So Please find the content below and watch the video for full setup and development
Useful content for flow
Content for Verify Screen
Enter the code sent to you by email.
To ensure your account’s security, we need to verify your identity. Enter the following code where prompted by authy system.
We have sent the code to the email associated with this username: “Use Your Correct Expression here to populate the UserName”
Content for Warning Message
You have made {!invalidAttempt} Invalid attempts. If you exceed 3 attempts your user will be locked!
Content for Logout Screen
You have exceeded the Maximum no of Limits to login. Please contact your system admin for help!
Content for Invalid Login
The OTP that you have entered is not valid!. Please try again or contact your Salesforce Admin!
Final Flow
