<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
MFA for RDP Always Prompts as High Risk Number Challenge
Nov 19, 2025
Okta Classic Engine
Multi-Factor Authentication
Okta Identity Engine
Overview
MFA for RDP Always prompts as a High Risk number challenge despite the fact that the logins are not High Risk, and done from a previously used device. 
Applies To
  • MFA for RDP
  • RDP
  • ADFS
  • Multi-Factor Authentication (MFA)
Cause

This behaviour is to be expected because RDP, as well as ADFS for that matter, have an embedded browser that they use and that browser does not save the user sessions.

Solution

The only way to eliminate the number challenge from the RDP and ADFS plugins is to eliminate the number challenge prompt. Setting the Number Challenge for Okta Verify Push to "Never" is recommended, as this is a tenant-wide setting.

Recommended content

Still looking for help?
Loading
MFA for RDP Always Prompts as High Risk Number Challenge