A user receives a new phone or tablet and installs Okta Verify. However, the application fails to receive push notifications, or Okta rejects the Multi-Factor Authentication (MFA) codes it provides during an authentication challenge.

When a user replaces a device, Okta Verify requires re-enrollment because Okta ties the account to the original hardware. To resolve this, the user must set up Okta Verify on the new device via the Okta End-User Dashboard or by using Bluetooth to synchronize from the original device. After setting up the new device, Okta Verify push notifications and MFA codes function correctly.

• Okta Identity Engine (OIE)
• Okta Classic Engine
• Okta Verify
• iOS devices
• Android devices
• Multi-Factor Authentication (MFA)

When a user enrolls a device in Okta Verify, Okta links the account to the specific application and hardware. Consequently, replacement devices require re-enrollment to ensure that push notifications and codes function correctly. Additionally, restoring a device from a backup removes stored biometric data, necessitating re-enrollment.

How does a user set up Okta Verify on a new device?

The following video demonstrates the Okta Verify setup process on a new iOS or Android device.

NOTE: If the user cannot sign in or access their settings because the organization requires Okta Verify, the user must contact their Information Technology (IT) team to request a multifactor authentication reset.

Scenario 1: The original device is available.

Add an existing Okta Verify account to a new device using Bluetooth by opening the application on the original device, selecting the account, and scanning the QR code on the new device.

1. Open Okta Verify on the original device.
2. Select the account.
3. Choose Add account to another device and follow the instructions.
4. Install Okta Verify on the new device.
5. Open the application and select Add Account from Another Device.
6. Scan the QR code displayed on the original device.
7. Enter the 6-digit Personal Identification Number (PIN) displayed in Okta Verify on the new device into Okta Verify on the original device to confirm the pairing.
8. Follow the instructions to complete the setup.

Scenario 2: The original device is not available.

Add a new device from the Okta End-User Dashboard by signing in with a different factor and navigating to the extra verification or security methods settings.

1. Sign in to Okta using a different factor.
2. Select the Name dropdown menu in the Okta End-User Dashboard.
3. Choose Settings.
4. Navigate to Extra Verification or Security Methods.

NOTE: This section appears only if the organization configures it as an option. If it is not present, the user must contact the IT team.

The Okta Verify enrollment QR code is not recognized.

Scanning the Okta Verify enrollment QR code securely links the new device to the user account. Ensure the user selects the correct device type (iPhone or Android) when enrolling in Okta Verify. Selecting the incorrect device type causes Okta to return the following error:

Unrecognized QR code.

To resolve this error, the user must request a multifactor authentication reset and clear the browser cache and cookies.

How is an existing account removed from Okta Verify?

NOTE: If a user restores Okta Verify on the device from a backup, they might need to remove the existing accounts from the Okta Verify application, then re-enroll them using the steps above.

Remove an account on iOS devices by opening the application, editing the accounts, and deleting the specific entry.

1. Open the Okta Verify application on the device.
2. Select Edit.
3. Choose the red icon next to the account.
4. Tap Delete.

Remove an account on Android devices by opening the application, accessing the account options, and deleting the entry.

1. Open the Okta Verify application on the device.
2. Tap the three dots to the right of the account.
3. Tap Delete.

Related References

• Add your existing Okta Verify account to an iOS device by using Bluetooth