MFA - Third-party authenticator apps


What are third-party TOTP authenticator apps?


All of the Salesforce products, including Heroku, that have MFA functionality support the use of third-party authenticator apps as verification methods for MFA logins. You can use any authenticator app that generates temporary codes based on the OATH time-based one-time password (TOTP) algorithm (RFC 6238). There are many free and paid authenticator apps to choose from. Widely-used options include Google Authenticator, Microsoft Authenticator, and Authy.

To log in using this type of verification method, the user gets a code from a TOTP authenticator app, then enters that code during the Salesforce login process. See Third-Party Authenticator Apps for setup instructions.

Note: Setting up a PIN or biometric requirement on their mobile device is highly recommended. This extra requirement ensures that unauthorized parties aren’t able to access your authenticator app.

Ask on Stack Overflow

Engage with a community of passionate experts to get the answers you need

Ask on Stack Overflow

Heroku Support

Create a support ticket and our support experts will get back to you

Contact Heroku Support