Enforce number challenge for Desktop MFA

When you enable this feature, it sends a number challenge along with any push notification when a Desktop MFA user signs in to their computer.

This provides enhanced security for your org by ensuring that users can only verify their identity when their mobile device and computer are both present.

Set the Push notification: number challenge option in the Okta Verify authenticator. This is found in the SecurityAuthenticators section of the Admin Console. This option applies to all org users who authenticate using Okta Verify Push for app access. See Configure Okta Verify options.

Procedure

To enable the number challenge for Desktop MFA, follow these steps:

  1. In the Admin Console, go to SecurityGeneral.
  2. Click Edit in the Okta Device Access section.
  3. Select Enabled from the dropdown menu next to Enforce number matching challenge for Desktop MFA.

  4. Click Save.

To disable the number challenge feature, select Disabled from the dropdown menu.

Next steps

Configure Desktop MFA for macOS to use FIDO2 keys