Okta Classic Engine | Authentication | Answered | 2025-07-07T09:00:19.000Z | 2023-11-30T20:21:21.000Z | 2023-12-13T03:01:55.000Z

63ppr (63ppr) asked a question.

Authenticator for new employee: if not security question then what?

Seeing as Okta recommends against using security questions in any authentication flow, as highlighted throughout the documentation and in the health insights module, then what form of authentication am I supposed to use for a new employee?

 

For a new employee's laptop, our IT department signs into their Outlook (among other things) when setting it up and creates a security answer, which is then given to the user on their onboarding document with the laptop. In their IT onboarding training, they are told how to configure Okta Verify on their phone, and then the security question is removed from their account.

 

If we aren't supposed to use a security question, then what authentication method should be used? They can't set up Okta Verify until they've logged in to our portal and done the onboarding, which requires Okta, and our IT techs can't use Okta Verify and add multiple accounts to their phones.


kbazp likes this.
  • Paul S. (Okta, Inc.)

    Hello @63ppr (63ppr), thank you for reaching out to our Community!

     

    For your particular use case, I believe this is the best option as your company's IT team configures the account before it is handed to the user. As long as the Security question is removed after the users set up Okta Verify I believe that this would be the best scenario for your company.

     

  • kbazp (kbazp)

    @Paul S. (Okta, Inc.) Is there a way to build logic on the back-end to remove the "Security Question" authenticator from a user after that user is enrolled into Okta Verify?

This question is closed.
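
The cleanup step described in the thread (remove the security question once Okta Verify is enrolled), sketched as an added example that is not part of the thread and not Okta's own code. It assumes the Classic Engine Factors API with an SSWS API token; `cleanup_user`, `question_factors_to_remove` and the sample factor ids are hypothetical names and constructed values, and how the job is triggered is left out.

```python
import json
import urllib.request

# Okta Verify enrolls as these factor types with provider OKTA (Factors API).
OKTA_VERIFY_TYPES = {"push", "token:software:totp"}

def question_factors_to_remove(factors):
    """Return ids of security-question factors that are safe to unenroll.

    Nothing is returned unless an Okta Verify factor is ACTIVE, so a user
    who has not finished onboarding is never left without an authenticator.
    """
    has_verify = any(
        f.get("provider") == "OKTA"
        and f.get("factorType") in OKTA_VERIFY_TYPES
        and f.get("status") == "ACTIVE"
        for f in factors
    )
    if not has_verify:
        return []
    return [f["id"] for f in factors if f.get("factorType") == "question"]

def _call(org_url, token, method, path):
    # Minimal authenticated request; DELETE answers with an empty body.
    req = urllib.request.Request(
        org_url.rstrip("/") + path, method=method,
        headers={"Authorization": "SSWS " + token, "Accept": "application/json"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        body = resp.read()
    return json.loads(body) if body else None

def cleanup_user(org_url, token, user_id, dry_run=True):
    """List a user's factors and unenroll the security question if allowed."""
    base = f"/api/v1/users/{user_id}/factors"
    ids = question_factors_to_remove(_call(org_url, token, "GET", base))
    if not dry_run:
        for factor_id in ids:
            _call(org_url, token, "DELETE", f"{base}/{factor_id}")
    return ids

# Constructed sample factor lists; the ids are placeholders, not real values.
SAMPLE_ONBOARDED = [
    {"id": "ufs-question-1", "factorType": "question", "provider": "OKTA", "status": "ACTIVE"},
    {"id": "opf-push-1", "factorType": "push", "provider": "OKTA", "status": "ACTIVE"},
]
SAMPLE_NEW_HIRE = [SAMPLE_ONBOARDED[0]]
SAMPLE_PENDING = [SAMPLE_ONBOARDED[0], {**SAMPLE_ONBOARDED[1], "status": "PENDING_ACTIVATION"}]
```

Run it with `dry_run=True` first and review the returned ids; the API token belongs in a secrets store, scoped to an admin role that can only manage factors.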