
v0d07 (v0d07) asked a question.
I am looking to understand how Okta handles challenge questions and answers. I would like to know if they are encrypted at rest and, if so, what kind of encryption is used? Are there any configurable options with how these are stored?

Hello @v0d07 (v0d07)
If an app is redirecting the user to a security question form every time the user logs on and forces a security question, the security answer would need to be input but will never be stored. You can also set the landing page of the Security Question as the landing page for the SWA app but the security question would need to be filled in every time. This means that Okta doesn't store the answer to the security questions.
I recommend you to read the following blog for more information about this: https://www.okta.com/blog/2021/03/security-questions/
Regards,
Thank you for the response, Henry. I should have been more clear in my question. I'm referring to the MFA option of a security question for logging in to Okta itself, not for a SWA app. Meaning, instead of using Okta Verify, text message, phone call, etc, the user chose to use a security question as a second factor for logging in to their account. How are those questions and answers stored?