目录

Step 1:  Set Multi-Factor Authentication Login Requirements

  1. From Setup, enter Profiles in the Quick Find box, then select Profiles.
  2. Select a profile.
  3. Scroll to Session Settings, and find the Session security level required at login setting.
  4. Click Edit, and select High Assurance.
  5. Click Save.
  6. From Setup, enter Session Settings in the Quick Find box, then select Session Settings.
  7. In Session Security Levels, make sure that Multi-Factor Authentication is in the High Assurance column.

If Multi-Factor Authentication is in the Standard column, users get an error when they log in with a method that grants standard-level security.

https://help.salesforce.com/articleView?id=security_require_two-factor_authentication.htm&type=5

Step 2: Enable U2F Security Keys for Identity Verification

  1. From Setup, enter Session Settings in the Quick Find box, then select Session Settings.
  2. Select Let users verify their identity with a physical security key (U2F).
  3. Save your changes.

As with other identity verification methods, you can use standard tools in Salesforce to track users’ security key usage.

  • View users’ security key activity on the Identity Verification History page.
  • Monitor security key adoption using the Identity Verification Methods report. The link is on the Identity Verification History page.
  • Create user list views that include the Has U2F Security Key field to see who has registered this method.

https://help.salesforce.com/articleView?id=security_u2f_enable.htm&type=5

Refer To : From Yubikey Support

Setting up U2F YubiKeys for Users in SalesForce (Administrators)

https://support.yubico.com/hc/en-us/articles/360016649219-Setting-up-U2F-YubiKeys-for-Users-in-SalesForce-Administrators-