VipinV.44200 (Customer) asked a question.
Does Okta provide a soft token for desktops MFA similar to Okta Verify on mobile devices?
Does Okta provide a soft token for desktops MFA similar to Okta Verify on mobile devices?
- bogdan.musat1.4721640984610786E12 (Okta, Inc.)Hello my name is Bogdan from Okta customer support. Curently Okta supports Windows Hello and U2F security key (FIDO 1.0).These two factors should allow your users to use MFA on their Desktops and sign-in into Okta.We also support Email Authentication as an MFA factor, though Email Authentication is not a best practice. When you add it as a factor, you must accept the risk of using it. The following message appears:We do not recommend that you use email as a second factor experience for Okta. This experience is a very insecure method of additional verification as:
- Email can be compromised by third parties
- Email is not always transmitted over secure protocols
- Email can also be used, depending on the recovery flow, for primary credential recovery
Expand Post - j5v7c (j5v7c)Hello, If you receive a great answer to your question, please help readers find it by marking it the best answer. Hover over the answer and click "Best Answer." Thank you,OHC TeamExpand Post
- VipinV.44200 (Customer)I was expecting a solution from Okta to provide its own soft token that can be used in Development Center which has restricted accesss for carrying mobile devices,
- j5v7c (j5v7c)Hi Vipin, We will doc your question and route it to the proper tech specialist who can give you a more detailed answer. Thanks for your feedback, Dylann Fezeu
Okta Help Center Team
Expand Post - teju.shyamsundar1.4926262186631091E12 (Product Strategy, EMEA)
Hi Vipin
Is the question around providing a desktop version of the Okta Verify application? While we do not offer the Okta Verify app on desktops, the best practice here (if possible) is to authenticate using a U2F hard token - Yubikey, for example, which replaces the need for a mobile phone in the development centers. Outside of this, we also have the option to use email as factor in scenarios where employees are not able to authorize via a mobile device.
Expand Post - VipinV.44200 (Customer)
I was thinking of something like the RSA soft tokens, we want to get away with RSA and see if some other option is available .
- MichaelG.21991 (Customer)
This is something we asked about before committing to Okta MFA. Like us, you are probably looking for something like the google authenticator extension app or similar. Okta does not currently have something like this. The reasoning given was that it technically wouldn't be a viable second factor since you can get the second factor on the same computer as where you are attempting to log into the system. I can't argue with that, however it does pose a problem (particularly for us) where there are partners that don't have access to another factor due to being in secure offices (no phones, etc).
Expand Post
This question is closed.
This is something we asked about before committing to Okta MFA. Like us, you are probably looking for something like the google authenticator extension app or similar. Okta does not currently have something like this. The reasoning given was that it technically wouldn't be a viable second factor since you can get the second factor on the same computer as where you are attempting to log into the system. I can't argue with that, however it does pose a problem (particularly for us) where there are partners that don't have access to another factor due to being in secure offices (no phones, etc).