Did you miss our insightful Ask Me Anything session with an Okta product expert on Multi-

Factor Authentication? Don’t worry—we’ve got you covered!

Our recent Ask Me Anything session on adopting stronger multi-factor authentication (MFA) with Okta's product expert was packed with engaging discussions and valuable insights. If you missed it, don’t worry—we’ve rounded up the top highlights for you! Discover key takeaways on getting started, best practices, use cases, and more. Read the recap.

Is your MFA truly phishing-resistant? 🔐

Our new technical deep dive on Okta FastPass details how Possession-Based Authentication, utilizing Cryptographic Binding and Origin Binding, combats AiTM attacks.

Learn about the architectural mechanics, best practices for Global Session and Authentication Policy in OIE, and a strategic framework for a scalable, zero-friction passwordless rollout.

Check out the January Okta Community Monthly Buzz! 

This month's edition features helpful insights from @John Cokkinias (Okta)​ on our recent Ask Me Anything (AMA) on MFA, details on the improved Okta Customer Success Hub, training and certification updates, member shout-outs, how-to support resources, new product features, and more. You can check out the latest and greatest highlights from our January Monthly Buzz here.

I need someone to contact me regarding two sources of MFA that are hitting my phone.

I have 2 separate shortcode text MFA that I get, and they are NOT from anything I am doing. Both shortcodes "Help" direct me to Okta phone numbers, but I cannot interact because I am NOT a customer. Please someone contact me and help me find out which of these MFA codes are being sent to me from where so I can secure the login further. Text reads: ###### is your verification code. Valid for 5 minutes. No idea which company or where it comes from, only from Okta hosting the shortcode.

Hi all! Our first Ask Me Anything of 2026 is happening on January 20, and it’s all about the adoption of stronger authentication MFA. With the start of a new year, there's no better time to reinforce your security posture. While Multi-Factor Authentication (MFA) is the most effective defense against credential theft, simply enabling it isn't enough. You'll need to implement stronger, phishing-resistant authenticators across your entire user base! Whether you're curious about general insights on deploying, managing, or scaling stronger authentication MFA, now's your chance to get answers directly from an Okta product expert.

Post your questions in the discussion thread here by January 19. On January 20, our product team will share written responses to everything you’ve asked.

SMS authenticator after "bring your own telephony."

If an org uses SMS or voice as a factor and Okta's "bring your own telephony" policy comes into effect, what happens to accounts in that org that have only SMS or voice as factors?

A. The account is no longer protected by MFA?

B. The account can attempt to use SMS as an authenticator, but no message is delivered to the end user?

C. Something entirely different?

Thanks.

Hi all.

I set up an account up to do some testing. I stupidly deleted the Okta Verify application and now can't access the developer instance at all. 

I really need to do some testing urgently and I'm the only admin but everything prompts me to Okta Verify after entering my password. I also can't submit a case for this same reason. I've emailed community@ and support@ (support@ is no longer active) but any advice how I can fix this?