How to Disable the Salesforce IP Verification Mail? Users see the verification page when they login to CRM Online.
Configure the Organization-Wide Trusted IP Address List.
For all users, set a list of IP address ranges from which users can always log in without receiving a login challenge. When users log into Salesforce, either by the user interface, the API, or a desktop client (such as Connect for Outlook, Salesforce for Outlook, Connect Offline, Connect for Office, Connect for Lotus Notes, or the Data Loader), Salesforce confirms that the login is authorized as follows:
- Salesforce checks whether the user profile has login hour restrictions. If login hour restrictions are specified for the user profile, any login outside the specified hours is denied.
- If the user has the Two-Factor Authentication for User Interface Logins permission, Salesforce prompts the user for a time-based token (which the user may also be prompted to create if it is not added to the account) upon logging in.
- If the user has the Two-Factor Authentication for API Logins permission and a time-based token has been added to the account, Salesforce returns an error if a time-based token is not used to access the service in place of the standard security token.
- Salesforce checks whether the user profile has IP address restrictions. If IP address restrictions are defined for the user profile, any login from an undesignated IP address is denied, and any login from a specified IP address is allowed.
- If profile-based IP address restrictions are not set, Salesforce checks whether the user is logging in from an IP address they have not used to access Salesforce in prior attempts.
- If the user login is from a browser that includes a Salesforce cookie, the login is allowed. The browser contains the Salesforce cookie if the user has previously used that browser to log into Salesforce, and has not cleared the browser cookies.
- If the user login is from an IP address in the organization trusted IP address list, the login is allowed.
- If the user login is from neither a trusted IP address nor a browser with a Salesforce cookie, the login is blocked.
- Whenever a login is blocked or returns an API login fault, Salesforce verifies the user identity.