If you received an email from Salesforce with the title “Identity Confirmation Change with Spring ‘16 Release,” you may wonder if it will affect you and the other Salesforce users in your organization. The answer is: this security upgrade requires a small amount of effort to remind Salesforce that you are a trusted user, but it isn’t too much work on your end.
Salesforce has made this change to increase data security by ensuring that only the registered user has access to an account. It does this by keeping track of the cookies in your computer’s browser. Cookies are unique to a particular machine, so a person can only login automatically by using the same machine that they have used previously.
Any Salesforce user will still be able to access his or her account from any computer. However, before doing so you will have to retrieve an access code that will be sent to the email address attached to their account. By entering the code you can access your account. Salesforce will remember the cookies from the new machine as well as from the previous one.
How much you will be affected depends on how you and other users access Salesforce. Those of you who always access Salesforce from the same machine will not notice any difference at all.
People who are more likely to be affected are those who access their Salesforce accounts from multiple computers. This would include, for example, case managers or others who work at several sites and do not carry a laptop with them from place to place. However, once a user accesses Salesforce from the same set of computers over time, Salesforce will remember all the relevant cookies and no longer require that the user retrieve the access code. If this is not adequate, you may add “trusted IP ranges” to your Salesforce account to ensure that Salesforce recognizes and allows access via all the computers that users login with.
There are three simple ways to reduce the number of identity prompts:
Add trusted IP ranges to user profiles, change browser privacy settings to save cookies for Salesforce sites, and set trusted IP ranges for your organization. The screenshot below, taken from Salesforce’s mini-video about its changes to identify verification, explains in detail how to reduce the number of identify verification prompts. For more information on cookies or trusted IP ranges, contact your 501Partners Salesforce Consultant.