Sunday, April 8, 2012

Avoiding the Salesforce verification code activation

In the majority of cases the Salesforce verification code isn't too much of an issue. You access Salesforce from an unknown IP address, they email you a six digit code which you enter and then carry on.

However, there are cases where accessing this email can be particularly difficult. E.g.

  • Shared login credentials for development orgs (only one person gets the email)
  • After a Sandbox refresh where email addresses have a suffix
  • Apps on mobile devices that are roaming between different network connections.

In the simplest solution you add your known trusted network IP ranges and then carry on.

If that doesn't work you could try raising a case with Salesforce support to disable this feature for your org.

Alternatively, you could add every possible IP address to the Trusted Networks. This is simple in theory, but Salesforce will only allow you to add IP ranges of 33,554,432 addresses (225, a /7 CIDR block).

Doing so manually for every possible IP address will be time consuming as you will need 128 IP ranges.

I did find a package that will automate the process - Enable All Trusted IP Ranges for a Salesforce Org.
I'd probably advise against it in a production org but it was useful for a developer edition org.