MFA Usage report

The MFA Usage report provides a list of all authenticator enrollments based on authentication activity from your users when they sign in to their accounts. Each row in this report is based on an enrolled authenticator for each user.

For example, the report lists one row for every user who has enrolled in the Password authenticator. Okta Verify enrollments, however, could have up to three rows for each user, which could represent TOTP, Okta Verify Push, or the Signed Nonce method.

Okta MFA Usage report screenshot showing multiple Okta Verify enrollments

Info

Note

  • If a user has enrolled in an authenticator but has not yet used it, the Last Used column in the report will be blank

  • If a user removes an authenticator (and as a result is no longer enrolled), the report will not show user entries for that authenticator.

Users can be listed more than once in the report if they have enrolled in multiple authenticators and used them for MFA. Users who have not enrolled in authenticators will not be listed in this report even if assigned one or multiple authenticators by their admins.

Fields

User User’s first and last name.
Login User’s email address.
MFA Factor Authenticator used to sign in to Okta.
Last Enrolled_ISO8601 The date and time in ISO 8601 format that the user first enrolled in the authenticator.
Last Used_ISO8601 The date and time in ISO 8601 format that the user last used the authenticator to verify their credentials.

Example of MFA Usage report entries

User Login MFA Factor Last Enrolled_ISO8601 Last Used_ISO8601
Ryan Saito ryan.saito@okta.com Email Authentication 2020-10-19T18:02:21.000Z 2021-04-12T13:37:05.000Z
Leah Lane leah.lane@okta.com FIDO2 (WebAuthn) 2020-10-20T03:26:15.000Z 2021-01-07T18:47:52.000Z
Sandy Mathrani sandy.mathrani@okta.com Okta Verify Push 2021-02-04T00:30:41.000Z 2021-03-11T15:55:40.000Z
Ryan Saito ryan.saito@okta.com Password 2021-02-04T00:58:43.000Z 2021-04-24T18:02:03.000Z

Generate the MFA Usage report

  1. From the Admin Console, navigate to Reports > Reports.

  2. Under Multifactor Authentication, click MFA Usage.

  3. Enter a username to generate data for a specific user only. For all users, leave the User field blank.

  4. Click Request Report. A message will confirm that your report is being generated and will be sent to the email associated with your Okta account.

  5. Check your inbox for an email from Okta with the subject line Your MFA Usage Report is Ready!

  6. In the email, click Download report to download the report in CSV format.

Related topics

Reports

Report types

System Log filters and search