How to Use Thetis U2F and FIDO2 Security Keys with Salesforce

To get started, you must be an Administrator and ensure that "My Domain" has been deployed correctly. If "My Domain" hasn't been deployed, please go to the setup home and search for "My Domain." Once the domain is functioning correctly, follow these steps to set up the security key:

1. Enable Two-Factor Authentication

First, log in to your Salesforce domain.

At the top-right corner of the website, click the setup drop-down menu and choose "Setup Home." In the "Quick Find" box, type "Permission Sets."

In the Permission Sets overview section, create a new permission set.

Fill out the required form, add a description for the permission set, and click save.

Go back to the Permission Sets overview, scroll down, and click "System Permissions."

Click edit and check "Two-Factor Authentication for User Interface Logins."

2. Register Your Security Key

Assign the permission to users by clicking "Manage Assignments" and then add assignments.

Go to the Quick Find box and type "Session Settings." Click on "Session Settings." Scroll down to "Identity Verification" and check "Let users use a security key (U2F)."

Ensure that "Two-Factor Authentication" is in the High Assurance box.

Go back to the Quick Find box, search "Users," and choose the user for whom you want to register a security key.

Click the user and find the "Security Key (U2F)" section. Then click "Register."

Salesforce will prompt you to log in again to register a key. Insert the security key and tap the button on it.

Now the security key has been registered. Log in again to test it.

Share this Guide

If you found this guide helpful, share it with your colleagues and friends:

Share on Facebook | Share on Twitter | Share on LinkedIn

Learn More

For a deeper understanding of FIDO2 technology and how it can enhance your online security, visit our detailed guide here. Explore our full range of security products here.