Registering a Built-In Authenticator

⚠️ Salesforce Admins: Don't let your users get locked out.

I've spent the last few weeks helping CRMingo clients prepare for Salesforce's phishing-resistant MFA requirements.

One thing I've noticed is that the official documentation explains the requirements well, but many organizations are still struggling with the actual user setup process. Salesforce administration, identity management, and security administration don't always overlap, especially in small and mid-sized businesses.

With enforcement approaching and documentation still evolving, I wanted to make the rollout a little easier.

To help, I created a step-by-step guide that walks users through registering a built-in authenticator, including practical instructions and screenshots for Windows Hello, mobile passkeys, and security keys.

If you're preparing for Salesforce's phishing-resistant MFA rollout, feel free to use it and share it with your users. If this helps your team, please share it with other Salesforce admins who may still be working through the transition.

My goal is simple: help organizations avoid unnecessary lockouts and last-minute scrambling.

I'd also love to hear from anyone who has already completed their rollout. What challenges did you run into?

-Stephanie Boggs, Founder & Salesforce Consultant