Salesforce Logo

Salesforce Authenticator

Authenticator offers proactive identity verification on your wrist or your phone.


Lead UX Designer


UX Design, UI Design, Mobile Design, Wearable Design, Moderated Usability Testing

Project Overview

Security is one the most critical factors when customers are deciding on who they should trust with their data. When we were kicking off our Lightning redesign, we acquired a company called Toopher, which allows for a proactive, geo-based and automated second factor of verification for any action you can perform. The main application for this was for logging in, so if you’re authenticating from your office every day, you can automate your second factor of verification. It also has the potential to be used as an extra approval step before moving large sums of money or deleting a user account.

Since we were merging an acquisition and integrating technologies that change the way we think about authentication, we thought it would be an advantageous time to redesign the experience of our Authenticator app.

Problem Statement

It’s hard to get people to care about security, so making it as invisible and effortless as possible is key to adoption. Two-factor authentication improves the security of your accounts by requiring additional information after logging in before you can access your data. This way if someone steals or guesses your password, they can’t get into your account without your second-factor of authentication. This has traditionally been a code that you have texted or emailed to you - think about logging into your bank. You can also open up an app that generates random codes after you’ve paired your account, but this can be a clumsy and time-consuming process, especially if you have two-factor enabled for many of your accounts.


Personas & Use Cases

# # # #

Salesforce Users

Sales Cloud Activities

Training reps, prepping for meetings, closing deals and answering inbound leads

Service Cloud Activities

Providing direct customer support, solving cases, creating and updating Knowledge articles

Admin Activities

Creating page layouts, custom fields, workflow rules, and approval processes.

As a Salesforce user, I need a second form of authentication when logging into Salesforce so that I have higher confidence that no one but myself is using my username.

Learn more about Salesforce personas on Trailhead.

Product Designs & Interactions


When a user first downloads and opens the app, they’re shown a tour that introduces them to features of the app.


Paired Accounts

When a user pairs their accounts, they can quickly identify their account by the service name or logo. A timer is displayed to show how much time is left for that specific code and uses color to communicate the stage of the timer countdown.


Approve or Deny

Salesforce users and customers can choose to use the new push-based approval process instead of asking for the six-digit code shown on the home screen. When a user enters their username and password, a notification is pushed to their app that asks the user to approve an action. They see the type of request, username, service, device type and location of the activity.

The coolest part of all of this? Automate your approval or denial based on your location. So if you’re logging into Salesforce from the same coffee shop every day, we’ll verify your location and automatically log you in without asking you for anything else.


Easy to Reorder

For accounts that don’t have push-based notifications enabled, codes are still the best option. For the services you log into most, you can drag and drop those accounts to be in whatever order you want. Just press and hold and reorder to fit your needs.


Wearable Authentication

A fun part of this project was designing for the wearable experience. This was right when Apple Watch was released, and after a host of Android Wear watches were making it to the market. I used the form factor to our advantage and tried new things like using the bezel to show the timer progress.


Notifications at a Glance

A benefit of using a wearable device is not needing to pull your phone out of your pocket throughout the day to check the time, your notifications or to compulsively check your social media accounts. Now you don’t need a phone at all. Notifications give users at-a-glance capabilities to check inbound messages quickly and effortlessly.