Categories

Login Restrictions in Salesforce

  • Emily Call
  • Posted byby Emily Call
  • Updated

One of the first things you’ll encounter during a security check is the Login restrictions. These are some of the most important security measures you can make with in your salesforce org, so let’s understand how they work 

IP address 

The IP address of where a user should log in can be defined in two different places with in your org. You can do this on the organizational level where all users in your org need to log in from a range of IP addresses. Like if you want them to only log in from the office. Although this can be good for some people it might not be good for all employees. 

You can also set the IP address range in the profile settings. This will allow you to limit the employees with a sales profile to only log in at work, while allowing your administrator to log in remotely, in case there is an emergency and they are out of the office. 

Log-in hours

Login hours works similarly to the IP address. They can be defined on the profile or for the whole org. While it might be good to define them for the whole org and can be set for certain days, they should be controlled and will be better controlled on the profile level. 

It’s important to note that a user is still logged in when the hours expire they will be able to stay on the page they are on, but upon navigating to a new page, they are signed out and cannot log back in until the hours allow.

Password Policies

Password policies is another login security measure and there are a variety of ways that you can change this for your org. 

Here are all of there different ways in which you can require users to have secure passwords: 

  • Password expiration time
  • Password history 
  • Minimum length 
  • Complexity Requirements
  • Question Requirements
  • Maximum invalid login attempts
  • Lockout period 
  • Obscure secret answer after resets
  • Minimum password lifetime
  • Allow APIs for self-resets 

Of course not all of these will allow you the freedom your org is looking for, however they are important to secure so no one can log in and steal your data. 

My LinkedIn Profile: https://www.linkedin.com/in/emily-call-95803b161/

More Reading

Post navigation

1 Comment

Comments are closed.