Salesforce1 App does not Recognize Device Fingerprint


Affected SecureAuth IdP Versions: All Versions


The Salesforce1 app doesn't allow users to bypass two-factor authentication even though a fingerprint is logged for the device.


The Salesforce1 app does not accept cookies, so when SecureAuth tries to match the fingerprint ID with the cookie ID, it fails.


You will need to change the device fingerprinting settings to prevent SecureAuth from trying to match the fingerprint ID with the cookie ID.


Here is a sample configuration:




There are two main settings that you'll want to change:

System Components

Host Address/IP: 15% -> 5% or less

Mobile Settings

Match FP Id in cookie: True -> False


The other settings are optional, but makes the authentication more flexible:

System Components

Timezone: 6%

Screen resolution: 10%

Mobile Settings

Authentication threshold: 90%

Update threshold: 85%


If you change these settings, you are lowering your security as it will be more lenient for the 2nd factor bypass. Make sure you find the right balance between security and convenience!

0 out of 0 found this helpful



Please sign in to leave a comment.