Trusona In-Depth Review [The AppAssessor #9]

Share this article...

– Professional and Up

– Doesn’t count towards object / tab limits

– Lightning Ready (N/A


– Patent-pending Anti-Replay technology to prevent hacking

– True No Username & No Password login to

– Cheap price (starting at 1 USD per user, per year)

– Expanding list supporting products– G Suite Support


– Integration with Salesforce is just a small part of the product

– Requires a Domain to be setup in Salesforce

– Alternative is Salesforce Lightning Login (free)

Password and username combinations are a fundamental, and often frustrating part of how we interact with technology in this information era. Trusona aims to solve this problem through their smartphone app or an SDK in your app, completely removing the need for passwords while enhancing security measures.

Trusona is being utilized across various industries, including government entities, healthcare industries, and financial services, media companies, and higher education. Key clients include Grand Canyon University, Cetera Financial Group, and Georgian Partners. Their success and innovative concept has also given them investment partnerships with Microsoft Ventures and Kleiner Perkins.


One of Trusona’s products is the ability to add a #NoPasswords way for users to access Salesforce.

When clicked, this will redirect the user to a screen with a QR code and require launching the Trusona mobile device app in order to successfully login to the environment.

The app uses the device’s touch ID or a designated pin in order to validate the user’s credentials (based on personal preferences) and will then open the device’s camera for scanning the QR code.

As soon as the code is scanned and access confirmed on the mobile device, the screen will automatically change and login to Salesforce. No need to remember passwords or usernames!

Credentials for a Trusona account are linked to a registered email address and this can be used across multiple devices. This means that in the scenario where a phone goes missing, Trusona won’t lock the user out of Salesforce forever. Depending on your login configuration, you can also still use your Salesforce username and password as an alternative means for accessing the org.

One of the most appealing assets to Trusona and why so many security depedent industries opt for Trusona, is its patent-pending anti-replay functionality. Anti-replay is essentially a mechanism to prevent any form of hacking by enforcing that every login is always unique.

Trusona can be implemented for any internet service which requires authentication today. Trusona has also built plug-ins for various other out-of-box platforms.  With the list constantly expanding, other key systems to note besides salesforce include WordPress (free!) and G Suite (Gmail, Google Drive, Google Docs, Google Calendar).

Trusona has a range of tiers for different methods of security. Trusona for Salesforce implements Trusona’s “Essential” Level Trusona “Executive” adds the requirement to scan an ID card such as a drivers license and “Elite” requires a token and swiping a card to validate its magnetic signature (the black strip). Trusona Executive and Elite are available only for custom implementations.


Removing username and passwords can dramatically increase user experience as it can be frustrating when someone forgets their passwords, or their “remember me” settings get erased.

If your company uses any of the other platform’s that Trusona supports, this could be an opportunity to synchronise multiple user logins. The impact in doing so means that it will make the lives of admins a lot easier and makes things simpler for your users.

If users are required to remember username/password combinations, there’s also the chance this information is stored by someone in a notepad file or on a piece of paper, which could be a risk for security.

This also encourages best practices around security, which is particularly important for sensitive system information or even as a legislation requirement.

Trusona is something that can also play a big part in user adoption and improving the user experience, especially if remembering multiple logins are a pain point in your business. This removes not only frustration, but is an engaging and innovative way to login to your Salesforce environment.

One alternative to point out, is Salesforce Lightning Login. This is something that’s natively supported by Salesforce, however is strictly limited to accessing the Salesforce platform (unlike Trusona). It’s worth exploring which type of login your users might prefer and trialling out both options, and if you need more information on security metrics, feel free to review the Salesforce Whitepaper and Trusona Whitepapers.


It’s very simple to setup Trusona, and even though the steps to integrate the product are heavy in Jargon, the installation walkthrough makes the experience seemless.

A pre-requisite of the setup process is implementing a domain in Salesforce if your org doesn’t have this configured already. This is definitely something that’s recommended to do and often overlooked in Salesforce instances. Keep in mind though, you should review any existing integrations before implementing this change and note that this will mean a URL change for users.

There will be some work required with the support team to validate the user records and relay system information (signed certificates), but the process is overall something that any admin user do with ease. This will also require making changes in the Single-Sign-On settings area which might sound frightening, but the installation guides are so straightforward that you shouldn’t have any issues.

From here you’ll then need to configure your domain to either require the use of Trusona, or add it in as an alternative to the standard Salesforce login. You can also enforce that specific profiles in the system require the use of Trusona, but this does require more experienced Salesforce knowledge to configure.

If you also have a Salesforce community, this could be worth exploring for your community members, especially if these users might use other platforms supported by Trusona.

For a user, they’ll be required to download the Trusona app for their Smartphones and register. They’ll be required to create a Trusona specific pin to use when logging in to the app (or alternatively a their device’s touch-id).

*Tip – if your user’s enter Salesforce with an email address domain (e.g @gmail) that differs from the company domain email address than follow step 5B in the integration guide.


Trusona offers a 14-day free trial and costs just 1 USD per user, per year thereafter for it’s Salesforce integration.

There are also different pricing options available for different combinations of the Trusona toolkit, so be sure to follow up with the team for more information.


A seamless way to login and the perfect Lightning login alternative!

Using Trusona has been a wonderful experience, and I would highly recommend downloading the trial version if your users are frustrated having to remember login details and have an additional layer of security.

Integration with Trusona for Salesforce

Add Comment