JordanJ.26599 (Customer) asked a question.
Hello,
Our current IdP that we are migrating away from supported importing Active Directory phone numbers as the source for a user's SMS/voice call 2FA. Okta does not appear to support any way to have this phone number pre-populated for a user. If someone who has never enrolled into MFA has had their credentials compromised, that malicious actor could input ANY phone number for the SMS/voice call enrollment. Now that person has legitimate 2FA access to our resources. Has anyone solutioned around this?
We do not love the idea of SMS/voice call 2FA however we have to have a solution for external entities that need access to our systems and are unwilling (or not bound by contract) to install Okta Verify on their personal mobile device.
Hi there! Apologies for the lack of response to your question. Going forward, we're implementing a new process to ensure that all Discussions receive a response from either another Community member or from the Okta Support team within 7 days of posting. Thank you for your patience while we put this into action!
I know this question is a bit old now, but If you’re still looking for information or help I’d recommend reaching out to the fine folks in the Admin Pro Tips group to see if anyone there can help: https://support.okta.com/help/s/group/0F90Z000000EK23SAG/admin-pro-tips
Thanks 🙂