How to Set Up Salesforce Login Hours

Each business operates on its own schedule – whether it is the usual 9-5, round-the-clock 24/7, or any other time slot. Most users (except workaholics, maybe!) would like to keep working within office hours, so ideally, access to the Salesforce org should be limited to the time range that a business operates. Managing access to Salesforce within specified time frames is not just about user convenience but can also be a critical aspect of security.

Have you ever wondered how to control when users can access your Salesforce org? Login hours give admins the capability to define specific time periods during which users can log in, helping maintain security and compliance. They can serve as a fundamental component of security measures within the org, ensuring that users cannot access the platform outside the time range designated by the business. This can also enhance staff productivity, as each user will be required to work only within the specified time frames. In this tutorial, we’ll guide you through the steps in setting up login hours…

Setting Up User Login Hours

It’s important to note that a user’s login hours are defined via their profile.

• Log in to your Salesforce org and navigate to Setup.
• In the quick find box, type “Profiles” and select it from the results.
• Click the name of the profile of the user you’d like to set up login hours for.
• Scroll down to System, and click “Login Hours”.

• Click “Edit”.
• Set the days and times that the users of this profile can log in to the org.
  • To allow login at any time within the day, select “Clear Times”.
  • To block login on a specific day (e.g. block access for a whole day), set the Start and End Times to 12:00 AM.
  • In this example, the users from the Admin Team profile are set to log in within weekday office hours (8:00 AM – 6:00 PM) with Saturdays cleared for voluntary overtime (users can log in at any time) and Sundays completely blocked (users cannot log in at all).

• Hit “Save”. Easy-peasy!

Notes on Time Zones

When the login hours are set for the first time on a profile, the time zone follows the org’s default time zone. This can be found in Setup > Company Information.

This is set only on the first login hours set up on the profile. In the event that the org’s default time zone has changed (or even the user’s time zone), the login hours’ time zone stays the same.

Also, the time zone appears differently depending on how you’re viewing the login hours. From the Login Hours edit page (image above), it follows the org’s default time zone on the first time the login hours were set. But from the profile itself (before getting into the Login Hours edit page), it follows the viewing user’s time zone.

In the screenshot below, my user’s personal time zone is set to EDT, so the time appears in EDT instead of PDT.

Testing Login Hours Restrictions

To ensure that login hours restrictions are functioning as intended, attempt to log in to Salesforce outside of the designated time range. I did this and was denied access. In an attempt to reset my password during this time, I even received this email:

Login hours can be adjusted as needed to accommodate changes in the company’s schedules or user access requirements. Admins can edit existing login hours or create new sets of login hours as necessary.

Summary

Not all companies or businesses may need to set up login hours, but it can be a valuable tool for controlling user access and enforcing security policies. By defining specific time frames for user login, organizations can enhance security while also managing productivity. And since it’s controlled only via profile, setting it up is pretty straightforward!

Would you consider implementing this functionality in your org? Let us know in the comments!