Hello my name is Bogdan from Okta customer support.
Curently Okta supports Windows Hello and U2F security key (FIDO 1.0). These two factors should allow your users to use MFA on their Desktops and sign-in into Okta. We also support Email Authentication as an MFA factor, though Email Authentication is not a best practice. When you add it as a factor, you must accept the risk of using it. The following message appears: We do not recommend that you use email as a second factor experience for Okta. This experience is a very insecure method of additional verification as:
Email can be compromised by third parties
Email is not always transmitted over secure protocols
Email can also be used, depending on the recovery flow, for primary credential recovery
Although we do offer email as a factor experience for convenience and to help our customers migrate off of legacy identity platforms, we do not consider it to be a secure, modern method for secondary authentication. To continue enabling this feature, please click "I accept the risk" below.” Using this Kb you can find additional details about the factors mentioned above. https://help.okta.com/en/prod/Content/Topics/Security/MFA.htm
Bogdan Musat Technical Support Engineer Okta Global Customer Care