This security task ensures that multifactor authentication (MFA) requirements aren't in conflict with Okta Behavior Detection. It also ensures that MFA policy rules aren't bypassed.
These settings appear on the Okta Sign-On Policy Add Rule or Edit Rule page. This combination creates a mismatch between the policy's condition and its action:
|Behavior is||New Device|
|Users will be prompted for MFA||
You've selected one of these options:
When users select this security task, recommendations to correct the configuration appear.
HealthInsight task recommendation
Set require factors to ensure that end users assigned to a given policy are enrolled in multifactor authentication.
Select At every sign in for the Users will be prompted for MFA option on the Okta Sign-On Policy Add Rule or Edit Rule page. See Configure an Okta sign-on policy for instructions.