Edit an Organization

As an Account Administrator, you can edit an organization to specify a password policy,  allow your users to link their Account Manager account to an existing account in your organization in the Salesforce Platform, and specify the multi-factor authentication (MFA) settings for your organization to add an extra layer of protection beyond a single password and decrease the risk of account compromise.

To edit an organization:
  1. Log into Account Manager.
  2. Click Organization.
  3. Click the organization you want to edit.
    The organization detail page opens.
  4. (Optional) In the Organization Name field, modify the name.
  5. (Optional) In the Password Policy section, set the values for the following fields:
    Option Description
    Minimum Password Length Specifies the minimum length allowed for passwords. In general, the longer the password, the more secure it is.
    Length of Password History Specifies the length of the password history. Passwords that have been used already are not allowed, and the password history determines how many past passwords are remembered by Account Manager.
    Days Until Password Expires Specifies how long passwords are retained before they expire and must be reset.
    In addition to the Password Policy settings that you can specify. the following policies apply:
    • Minimum number of alphabetic characters in a password: 1
    • Minimum number of digits in a password: 1
    • Number of password policy categories that are cross-checked: 2
    • Maximum number of failed login attempts until an account is locked for 30 minutes: 6
  6. (Optional) In the Identity Federation with Salesforce Identity section, you can allow your users to link their Account Manager accounts with their Salesforce accounts in your Salesforce organization to provide Single-Sign-On (SSO) across your Salesforce products:
    • Allowed: Users can choose to link their Account Manager account to Salesforce Identity
    • Enforced: Users are forced to link their Account Manager account to Salesforce Identity
    • Disabled: Users cannot link their Account Manager account to Salesforce Identity. Already linked accounts cannot login to Account Manager. (Linked users can be unlinked by resetting their accounts)
    • The My Domain Subdomain Name of your organization in Salesforce Core needs to be specified
    • The IP Relaxation for the Connected App Commerce Cloud Account Manager in your Salesforce Core organization might need to be changed to Relax IP restrictions.
  7. (Optional) In the MFA Verification Method Settings section, define if you want to allow Salesforce Authenticator as multi-factor authentication (MFA) method only or if your users can choose between Salesforce Authenticator, TOTP authenticator apps, and FIDO2-compliant U2F security keys that support web authentication (WebAuthn).
  8. Salesforce recommends that you select MFA enabled for all users in the organization to enforce multi-factor authentication (MFA) for all users in your organization. Alternatively, you can enable multi-factor authentication (MFA) for each role individually.
    To enable MFA for a role: 
    1. Click Add next to MFA User Settings.
    2. Search and select the roles that require multi-factor authentication.
    3. To enable multi-factor authentication for the selected roles, click Add.
      To disable MFA for a role, click the trash bin icon next to the role.
  9. Click Save.
Related tasks
Log into Account Manager

© Copyright 2000-2020, salesforce.com inc. All rights reserved. Various trademarks held by their respective owners.

 Show URL Submit FeedbackPrivacy Policy
X Privacy Update: We use cookies to make interactions with our websites and services easy and meaningful, to better understand how they are used. By continuing to use this site you are giving us your consent to do this. Privacy Policy.