<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeKnowledge Base
Multi-Factor Authentication (MFA) for Okta Learning & Certification
Nov 18, 2025
Additional Resources
Overview

Below, you will find what the new login experience will look like and the actions we recommend Admins should take to ensure their users have a seamless login experience. 

Applies To
Solution

In our continuing effort to improve our customers’ security posture, Okta now requires MFA to sign in to the Okta Learning and Certification portals. Adding MFA will make it more difficult for malicious users to access sensitive data and will enhance the site's security.

 

When logging into the Okta Learning portal from learning.okta.com, select the Continue with Okta Workforce Identity Cloud button.

 

If you are a federal customer or want to create an Okta Digital Experience account, follow the steps outlined in Create an Okta Digital Experience account for Okta Learning or Certification.

 

Customers

  1. Visit Okta Learning, and click Sign In, which will prompt you to this page.
    You will also be prompted to sign in when registering for a course or exam.
    okta Learning Continue with Okta Workforce Identity
  2. After clicking Continue with Okta Workforce Identity, you can select your organization, or you will be asked to enter your organization URL:
    Enter your Okta organization URL 
    Select account to sign in 
  3. If you are on Okta Identity Engine (OIE) and using FastPass, you will be authenticated and redirected straight to Okta Learning.
    • This means your Okta org has an authentication policy applying to your Okta Dashboard application that requires two factors, including a strong authentication factor.
      Sign in with Okta FastPass 
    • If FastPass is not used, you will be asked for a password or to use another authenticator (Google Authenticator, another time-based one-time passcode (TOTP), or Auth0 Guardian App), depending on your organization’s authentication policy.
      Verify with your password 
      Verify it's you with a security method 
  4. If you are on Okta Classic Engine, you will be asked for your username and password.
    • This means your Okta org has an authentication policy applying to your Okta Dashboard application that allows using one factor or multiple weak factors.
      Okta sign in 
    • You may be asked for an additional factor depending on your organization’s authentication policy  (Okta VerifyGoogle Authenticator, another time-based one-time passcode (TOTP), or Auth0 Guardian App).
      Enter your Google Authenticator passcode 
  5. If you did not use at least 2 factors, one of which is strong, you will be requested to Keep Your Account Safe by adding another authentication method (Okta VerifyGoogle Authenticator, a similar app, or Auth0 Guardian App).
    • After which, you will be requested to save a recovery key, followed by a prompt to enroll a passkey for faster login.
  6. After completing this step, you will be logged into the Okta Support Center. 

 

Tips for Okta Admins

To avoid having your users set up a separate factor for Okta Support Center access, your Okta org must have a global session policy that requires MFA, and the Authentication Policy that applies to the Okta Dashboard requires at least one strong authenticator.
NOTE: These strong factors are available to all customers with the exception of Okta Verify - Push, which requires MFA or an MFA SKU. 

 

Instructions on how to configure this can be found below.

 

  • Okta Identity Engine (OIE) - If you do not want your users to be prompted to register for MFA, restrict the policy to only accept strong factors. You can enable a global session policy that requires MFA and an authentication policy applying to the Okta Dashboard application that requires two authentication factors, one of which should be Okta Verify - FastPass, Okta Verify - Push, FIDO2/WebAuthn Security Key, or Google Authenticator. To view instructions on how to create, add, and edit a global session rule, see Create a global session policy.
    • NOTE: FastPass is treated as a single factor, so another factor, weak or strong, would need to be provided by the user to avoid having to enroll a new one before accessing the Okta Support Center.
  • Okta Classic Engine - We recommend enabling one of these strong authenticators, Okta Verify - push or FIDO2/WebauthN Security Key, in your Default Okta sign-on policy. To view instructions on how to create, add, and edit your Okta sign-on policy, see Configure an Okta sign-on policy.
    • Consider upgrading to Okta Identity Engine at no cost to gain increased control over protecting your apps and resources. After completing the required analysis, the upgrade itself is quick and requires no downtime. Learn more about the new features and how you can upgrade at Okta Identity Engine Automation Upgrade Page.

 

Still having trouble accessing your account? 

If you are still experiencing login or account recovery issues, we recommend the following:

  • Okta users should contact their respective Okta administrator, who will have the required access and permissions to assist them further.
  • Okta administrators who are the sole user administrator and need assistance or guidance with MFA enablement can send us an email to learning@okta.com from the associated address. 

 

Recommended content

Still looking for help?
Loading
Multi-Factor Authentication (MFA) for Okta Learning & Certification