OKTA MFA Policy Skip to main content
https://support.okta.com/help/answers?id=9062a000000xa6bqas&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fanswers
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Ask Search:
Rohit RoyRohit Roy 

OKTA MFA Policy

Is there a option where user can choose as many multifactor process he wants while logging into the OKTA org (Atleast 2 factors he have to choose,it is mandatory, other factors he may or may not choose)
Kevin TurnerKevin Turner (Okta, Inc.)
This will depend on the number of MFA types that have been configured aginst the Okta tenant and based on the registration policy that you define for the groups of users. If in the admin interface you select "Security", "Multifactor", "Factor Enrollment" policy tab. You can then define policies for different user types/groups, and then associate different rules for MFA option type(s). Below is an example for Admin users, what MFA types, and when the user would be expected to register for them.
User-added image

User-added image

User-added image

Hope that helps.
Rohit RoyRohit Roy
I have done this Kevin. I want to know if there is a option where user can choose which type of multifactor he/she wants out of 5 or 6 factors but he/she have to choose atleast 2 factors for going forward
Kevin TurnerKevin Turner (Okta, Inc.)
Yes, you would use the options of Required or Optional. So as I have on my example policy, admins must enrole for Okta Verify and the Yubikey token, but all others are optional, and Security Question is disabled.
Kishore DurbhakaKishore Durbhaka
I want to show mfa only once in certain timeframe and per device, can I do that?