<iframe src="https://www.googletagmanager.com/ns.html?id=GTM-M74D8PB" height="0" width="0" style="display:none;visibility:hidden">
Loading
Skip to NavigationSkip to Main Content
System Status
Announcements
Announcements
Search
Search
Select Language
Knowledge Base
Knowledge Articles
Support Videos ↗
Documentation
Product Documentation ↗
Developer Documentation ↗
Product Release Notes ↗
Community
Events & Webinars
Okta Ideas ↗
Resources
Product Hub
Customer Success Hub
Product Release Update
Learning
Okta Learning ↗
Get Support
Open a Case
HomeCommunityForum
0D50Z00008G7VFHSA3Okta Classic EngineAdministrationAnswered2024-04-17T13:06:00.000Z2018-06-13T17:10:34.000Z2018-09-05T21:10:44.000Z

BenW.76757 (Customer) asked a question.

June 13, 2018 at 5:10 PM
Secondary email alternatives
Using secondary email for provisioning new Okta accounts, for password resets, and for account unlocks is insecure since we cannot be certain about the controls protecting the secondary email. A bad actor could compromise the secondary email and use that to access Okta. In our case, the primary email is only accessible via Okta, so we can't use that either. Are there any alternatives to secondary email for creating new Okta users?
  • 3 answers
  • 3.11K views

  • miqxq (miqxq)

    Secondary email is not mandatory. Are you asking if there are alternatives for password resets & account unlocks?

  • BenW.76757 (Customer)

    I'm asking what is the recommended onboarding method for new users if secondary email is not used? The new user doesn't have access to their business email yet since that access is gated by Okta. How can Okta signup be provided securely to users without involving their personal email? And this does extend to password resets and account unlocks - what are the alternatives to secondary email for those actions?
    Expand Post

  • oxikn (oxikn)

    +1

    It would be extremely helpful, and much more secure, if the options for email notifications to secondary emails were available, say, as a list of checkboxes: ( )New user welcome email, ( ) password resets, ( ) unlock accounts. Being able to select trigger only new user emails to a secondary address would truly support the widely touted Employee Lifecycle Management without impacting the security of the overall environment.

    Expand Post
This question is closed.
Loading
Secondary email alternatives