US English (US)
ES Spanish

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • Log in
English (US)
US English (US)
ES Spanish
  • Home
  • Help & Support
  • Support
  • Support FAQs
  • FAQ: Salesforce

Setting up passkeys for your Salesforce User

Contact Us

If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.

Please fill out the contact form below and we will reply as soon as possible.

  • RIO Certification
    RIO Certification Program RIO Academy RIO Challenge RIO Recipe Training
  • Releases
    V3 Release Notes V4 Release Notes
  • Help & Support
    Install RIO Education RIO Insights RIO Recipe Support RIO Graduate/Intern Program Trainee (GPT)
  • Experience RIO in action
  • RIO Insights
+ More

Table of Contents

Overview How to create and use a passkey Passkey stored on a phone Passkey stored on a computer

Overview

Starting in July 2026*, Salesforce will enforce stronger security requirements for logging into a Salesforce instance. This affects both sandboxes and production orgs.

User Type Requirement
Employee Users Standard MFA: Salesforce Authenticator, TOTP Apps (Google/Microsoft Auth)

Privileged Users and Administrators

(including RIO Administrators)

Phishing-Resistant MFA: Security Keys (WebAuthn), Built-in Authenticators a.k.a. Passkeys (Touch ID, Windows Hello), Admin-Generated Temporary Verification Codes

*This is gradually being rolled out to organisations throughout the month.

The simplest solution to meet this requirement for your user is to set up passkeys. Passkeys act similarly to 2FA (where you need to approve your login using a code/confirmation from your phone), however, the device used to approve the login (e.g. your phone, which stores the passkey) must physically be in close proximity to the device on which you are attempt to log in (e.g. your PC). To confirm a login's approval, you will typically use a PIN or biometrics (e.g. fingerprint, Face ID).

 

How to create and use a passkey

You can create passkeys for multiple devices, for example, your phone, your work computer, and your home computer. It is recommended that you create a passkey on your phone first, so that you can use it to authorise your logins on your work/home computers. Then, when logged in to your work computer, you can create a passkey on your work computer itself, which will use Windows Hello to approve your logins on that computer.

Upon logging in as an admin/privileged user, you should be prompted to Register a Passkey.

If this has not appeared, or if you wish to add an additional passkey, you can go to View Profile | Settings | Advanced User Details, scroll down to Built-in Authenticators and click Add.

Passkey stored on a phone

The computer you are using must have Bluetooth support.

Clicking Register Passkey will open this Windows Security prompt. Select iPhone, iPad, or Android device.

Use your mobile device to scan the QR code, and tap Use passkey when it appears.

Save the passkey to your device. It will be stored in your device's password manager (e.g. Google Password Manager, Bitwarden).

You can now use your phone to approve logins to your user. Your phone will need to be in close proximity to the device you are logging in on, as it uses Bluetooth's Nearby Device function to detect the device. The computers you login on must have Bluetooth support. The phone and computer must have Bluetooth turned on, but do not need to be paired.

Using a phone (that is storing a passkey) to approve a login on a PC

Now when you login, you will be prompted to Verify Your Identity. Click Verify.

Select iPhone, iPad, or Android device.

Scan the QR code with your phone and tap Use passkey when it appears.

Use your phone's biometrics to approve your login.

Passkey stored on a computer

Clicking Register Passkey will open this Windows Security prompt. Select This Windows device.

Click Continue and enter your Windows Hello PIN.

This will save the passkey to your device. Once this is set up, you will only be able to login from this device, unless you set up passkeys for other devices as well.

Using the passkey stored on the computer to approve a login

When logging in, you will be prompted to Verify Your Identity. Click Verify.

Enter your Windows Hello PIN.

Your login on this device will be approved.

To add an additional passkey (e.g. your phone, to allow logins on other devices), you can go to View Profile | Settings | Advanced User Details, scroll down to Built-in Authenticators and click Add.

 

Was this article helpful?

Yes
No
Give feedback about this article

Related Articles

  • How do I grant Login Access to the RIO Team
  • Dynamic Dashboard limit error
  • Missing Salesforce Identity Feature
  • Translate REDU terms to customer specific org
  • Metadata installation error: Cannot specify a startsWith attribute for this language
RIO Education

RIO Education, a WDCi Company. This information is proprietary, confidential and protected by copyright ©2024.

CONTACT

Get in touch

  • Privacy
  • Terms of service

Knowledge Base Software powered by Helpjuice

Definition by Author

0
0
Expand