• Public

Multi-Factor Authentication

Skip Feed

  1. PramendraK.19393 (Customer)

    Yesterday at 3:08 AM

    Hi, we are seeing quite a lot of the MFA Failure notifications like these ones below, and originating from different countries, what does this mean and how to stop it please? Thank you

     

    image

    • 1 comment
    • 4 views

  2. IsaacB.81593 (Customer)

    February 28, 2026 at 8:03 PM

    Can Fido enrollment be simplified? Am I missing something?

     

    It seems to me that one used to be able to enroll a Fido factor (security key or print reader) by just choosing that option from the available authenticators and following simple prompts. This appears to have gotten more complex. I'm trying to enroll a physical key in Chrome.

     

    Prompt 1. "Create a passkey." 

    [I tried adding a screenshot, but app won't let me save the post]

     

    As an end-user, I'd be asking "what's a passkey and I don't have time to learn what it is." Hit "continue" and I'm being prompted by my browser's print reader and it enrolls the print reader. Never offers to enroll the key.

     

    Try "Save another way." 

     

    Prompt 2 "Choose where to save..."

    [I tried adding a screenshot, but app won't let me save the post]

     

    I figure the third choice makes sense, but I'd hate to be an end user, or the team that supports them.

     

    Prompt 3. QR code or key. 

    [I tried adding a screenshot, but app won't let me save the post]

     

     

    I tap the key and get enrolled. But can I keep that QR code away from my end users and simplify their path?

     

    We have "Block synced passkeys for FIDO2 (WebAuthn) Authenticators" enabled. Org is Classic. Device is Mac Sequoia. Browser is Chrome, 100% up-to-date.

     

    Thanks.

    Expand Post
    • 1 comment
    • 12 views

    • Paul S. (Okta, Inc.)

      Hello @IsaacB.81593 (Customer)​ Thank you for posting on our Community page!

       

      Enrolment should be straight forward, maybe something has been miss-configured or additional steps added to the enrolment. please see our doc below:

      https://help.okta.com/oie/en-us/content/topics/identity-engine/authenticators/configure-webauthn.htm

       

      If there are still issues I would recommend to Open a case with Support for additional assistance.

       

      Thank you for reaching out to our Community and have a great day!

      --

      Help others in the community by liking or hitting Select as Best if this response helped you.

      Expand Post

  3. Christina.J (Customer Support Online Community and Social Care)

    February 9, 2026 at 10:15 PM

    Did you miss our insightful Ask Me Anything session with an Okta product expert on Multi-

    Factor Authentication? Don’t worry—we’ve got you covered!

     

    Our recent Ask Me Anything session on adopting stronger multi-factor authentication (MFA) with Okta's product expert was packed with engaging discussions and valuable insights. If you missed it, don’t worry—we’ve rounded up the top highlights for you! Discover key takeaways on getting started, best practices, use cases, and more. Read the recap.

    • 17 views
    Paul S. and Mihai Negoita - Okta like this.

  4. Christina.J (Customer Support Online Community and Social Care)

    January 29, 2026 at 11:31 PM

    Is your MFA truly phishing-resistant? 🔐

     

    Our new technical deep dive on Okta FastPass details how Possession-Based Authentication, utilizing Cryptographic Binding and Origin Binding, combats AiTM attacks.

     

    Learn about the architectural mechanics, best practices for Global Session and Authentication Policy in OIE, and a strategic framework for a scalable, zero-friction passwordless rollout.

    • 1 comment
    • 22 views
    Paul S. and Mihai Negoita - Okta like this.

    • Paul S. (Okta, Inc.)

      Great deep dive—Origin Binding is key!

  5. Christina.J (Customer Support Online Community and Social Care)

    January 21, 2026 at 8:08 PM

    Check out the January Okta Community Monthly Buzz

    This month's edition features helpful insights from @John Cokkinias (Okta)​ on our recent Ask Me Anything (AMA) on MFA, details on the improved Okta Customer Success Hub, training and certification updates, member shout-outs, how-to support resources, new product features, and more. You can check out the latest and greatest highlights from our January Monthly Buzz here.

    • 16 views
    Mihai Negoita - Okta likes this.

  6. MarcusM.35725 (Customer)

    January 13, 2026 at 1:20 AM

    I need someone to contact me regarding two sources of MFA that are hitting my phone.

    I have 2 separate shortcode text MFA that I get, and they are NOT from anything I am doing. Both shortcodes "Help" direct me to Okta phone numbers, but I cannot interact because I am NOT a customer. Please someone contact me and help me find out which of these MFA codes are being sent to me from where so I can secure the login further. Text reads: ###### is your verification code. Valid for 5 minutes. No idea which company or where it comes from, only from Okta hosting the shortcode.

    • 1 comment
    • 20 views

  7. Christina.J (Customer Support Online Community and Social Care)

    January 6, 2026 at 6:32 PM

    Hi all! Our first Ask Me Anything of 2026 is happening on January 20, and it’s all about the adoption of stronger authentication MFA. With the start of a new year, there's no better time to reinforce your security postureWhile Multi-Factor Authentication (MFA) is the most effective defense against credential theft, simply enabling it isn't enough. You'll need to implement stronger, phishing-resistant authenticators across your entire user base! Whether you're curious about general insights on deploying, managing, or scaling stronger authentication MFA, now's your chance to get answers directly from an Okta product expert.

      

    Post your questions in the discussion thread here by January 19. On January 20, our product team will share written responses to everything you’ve asked.

    • 22 views
    Mihai Negoita - Okta likes this.

  8. IsaacB.81593 (Customer)

    July 9, 2025 at 7:10 PM

    SMS authenticator after "bring your own telephony."

     

    If an org uses SMS or voice as a factor and Okta's "bring your own telephony" policy comes into effect, what happens to accounts in that org that have only SMS or voice as factors?

    A. The account is no longer protected by MFA?

    B. The account can attempt to use SMS as an authenticator, but no message is delivered to the end user?

    C. Something entirely different?

     

    Thanks.

    • 1 comment
    • 48 views

    • Mihai Negoita - Okta (Okta, Inc.)

      Hi @IsaacB.81593 (Customer)​ , Thank you for reaching out to the Okta Community! 

       

      The SMS/voice authenticator itself is still technically configured for the user's account within Okta. The user can attempt to select it as an authentication method, but no message will be delivered, effectively preventing them from authenticating with that method.

       

       

      Regards.

      --

      Help others in the community by liking or hitting Select as Best if this response helped you.

      Collect them all. Learn a new skill and earn a new Okta Learning badge.

      Expand Post

End of Feed
8 Chatter Feed Items

Group Details

Details

Description
Information
Member Count
69 Members
Owner
TiffaniA.38269