<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Enable or Disable Email as a Factor
Oct 6, 2025
Okta Classic Engine
Multi-Factor Authentication
Overview

This document provides details on how to enable/disable Email Authenticator as a multi-factor authentication option, as well as how to enable / disable the "Confirm your email address notification" that contains a code.

Applies To
  • Multi-factor Authentication
  • Okta Classic Engine
Solution

To enable Email as an authenticator, follow the below steps: 

  1. These settings can be reviewed on the Admin Dashboard.

  2. Navigate to Security> Multifactor.

  3. The Factor Types pane would list out all the approved Multi-factor options available.

  4. Go to Email Authentication. In the right corner is an Inactive button. Click on it and select Activate.

  5. One can also edit Email Authentication Setting to set how long the OTP token lifetime is set in minutes.

  6. The Factor Enrollment tab dictates which factors are required versus optional during enrollment.

  7. One can set a factor to optional or required depending on the use case.

To disable Email as an authenticator, follow the below steps: 

  1. Go to the Admin Dashboard.

  2. Navigate to Security > Multifactor.

  3. The Factor Types pane would list out all the approved Multi-factor options available.

  4. Go to Email Authentication. In the right corner is the Active button. Click on it and select Deactivate.

    A warning pop-up like the one below might be received when deactivating Email Authentication. This means the Email is used as an authenticator in one or multiple Authentication policies. 

    Error

    The policies that are using e-mail as an authenticator will be listed in the warning message (in the example above is the Default Policy that uses an Email authenticator). These policies need to be reviewed and modified in such a way that the Email not to be required in any circumstances as an authenticator. Please note the Email Authentication should be set as Disabled. Setting it as Optional will generate the same warning message when retrying to deactivate the Email Authentication. 
     

  5. Once the policies are modified and any possible scenario no longer requires Email Authentication, repeat step 4. 

  6. Now, the Email Authentication should be deactivated. 

Recommended content

Still looking for help?
Loading
Enable or Disable Email as a Factor