Login Hours is a security feature in Salesforce that allows administrators to control when users can access the system based on their profile. This configuration setting enables organizations to restrict user logins to specific hours of the day and days of the week, providing an additional layer of…Login Hours is a security feature in Salesforce that allows administrators to control when users can access the system based on their profile. This configuration setting enables organizations to restrict user logins to specific hours of the day and days of the week, providing an additional layer of security and compliance management.
To configure Login Hours, administrators navigate to Setup, then search for Profiles, select the desired profile, and click on Login Hours in the related list. From there, you can set the allowed login times for each day of the week by specifying start and end times. The times are based on the organization's default time zone or the user's individual time zone setting.
When Login Hours are configured, users assigned to that profile can only log in during the specified time windows. If a user attempts to log in outside of the permitted hours, they will receive an error message and be denied access. However, it is important to note that if a user is already logged in when the restricted period begins, they will not be automatically logged out but will be unable to perform any actions until they log in again during permitted hours.
Login Hours work at the profile level, meaning different profiles can have different login hour restrictions. This allows organizations to set varying access schedules for different user groups. For example, sales representatives might have extended hours compared to administrative staff.
This feature is particularly useful for organizations that need to enforce business hour access only, comply with regulatory requirements, reduce security risks during off-hours, or manage international teams across different time zones.
Administrators should carefully plan Login Hours configurations to ensure they align with business operations and user needs while maintaining appropriate security standards. Testing the configuration with a subset of users before full deployment is recommended.
Login Hours in Salesforce: Complete Guide for Administrators
What Are Login Hours?
Login Hours is a security feature in Salesforce that allows administrators to restrict when users can access the system based on their profile. This feature enables organizations to define specific time windows during which users assigned to a particular profile can log in to Salesforce.
Why Are Login Hours Important?
Login Hours serve several critical business and security purposes:
Security Enhancement: By limiting access to specific hours, organizations reduce the risk of unauthorized access during off-hours when suspicious activity might go unnoticed.
Compliance Requirements: Many industries have regulatory requirements that mandate controlled access to sensitive data during specific time periods.
Resource Management: Organizations can ensure users only access the system during their designated work hours, supporting better workforce management.
Cost Control: For organizations with usage-based licensing or support contracts, restricting hours can help manage costs.
How Login Hours Work
Login Hours are configured at the profile level, meaning all users assigned to a particular profile share the same login hour restrictions.
Key Characteristics:
• Settings are defined for each day of the week separately • Hours are set in 30-minute increments • Time zones are based on the organization's default time zone, NOT the user's individual time zone • When login hours are not set for a day, users cannot log in on that day at all • If a user is already logged in when their allowed hours expire, they are NOT automatically logged out but will be prevented from performing any further actions
How to Configure Login Hours
1. Navigate to Setup 2. Enter 'Profiles' in the Quick Find box 3. Select the desired Profile 4. Click on 'Login Hours' in the profile detail page 5. Click 'Edit' 6. Set the start and end times for each day of the week 7. Click 'Save'
Important Technical Details
• Login Hours apply to both the Salesforce web interface and API access • The restriction uses a 24-hour clock format • Setting both start and end time to the same value (e.g., 12:00 AM to 12:00 AM) allows 24-hour access for that day • Leaving a day blank means NO access is permitted on that day • Login Hours cannot be set at the user level - only at the profile level
Exam Tips: Answering Questions on Login Hours
Tip 1: Remember the Scope Login Hours are ALWAYS set at the profile level. If an exam question asks about restricting a single user's login times, remember you cannot do this with Login Hours alone - you would need to assign that user to a separate profile.
Tip 2: Time Zone Awareness A common exam trap involves time zones. Login Hours are based on the organization's default time zone, not individual user time zones. This is crucial for scenarios involving users in different geographic locations.
Tip 3: Behavior After Hours Expire Users already logged in when their allowed hours end are NOT kicked out of the system. However, they cannot perform any new transactions. Expect questions testing this specific behavior.
Tip 4: Blank Days Mean No Access If login hours are not specified for a particular day, users CANNOT log in on that day. This differs from having full access - blank means restricted, not unrestricted.
Tip 5: Distinguish from Login IP Ranges Exam questions may try to confuse Login Hours with Login IP Ranges. Login Hours restrict WHEN users can access, while Login IP Ranges restrict WHERE (from which network locations) users can access.
Tip 6: API Access Is Included Login Hours restrictions apply to API calls as well as standard logins. If an integration runs outside the allowed hours, it will fail for users on restricted profiles.
Common Exam Scenarios
• A company wants employees to only access Salesforce during business hours (9 AM - 6 PM) on weekdays • Users in different time zones experiencing unexpected access issues • Integration failures occurring during overnight batch processes • Questions about what happens to active sessions when login hours expire