Create Roles without IP Address Restrictions
Two-factor authentication is the preferred alternative to restricting access by IP address. For more information, see Two-Factor Authentication (2FA).
You can make exceptions to your IP address rules by customizing roles. By default, all roles are restricted by the IP address rules you set at Setup > Company > Company Information and on employee records. Customize roles to create roles that are not restricted by these rules. Your employees can then access certain roles from anywhere and restricted roles from only the machines you specify.
To customize a role so that it does not have IP address restrictions:
-
Go to Setup > Users/Roles > Manage Roles.
-
Click Customize next to the role type you want to assign without IP rule restrictions.
-
In the Name field, enter or accept the name for this non-restricted role.
-
Clear the Restrict this role by IP Address box.
-
Click Save.
Now, when assigning roles on the Access tab of employee records, you can assign this new custom role without IP address restriction. This employee can access the custom role from any computer, regardless of the IP address rules set on the employee record or at Setup > Company > Company Information.