The Security Checklist appears on the admin dashboards and displays a list of security features that Okta recommends enabling in order to improve the security posture of your orgThe Okta container that represents a real-world organization..
These settings can also be configured by navigating to Security > General. For more information, refer to General Security.
The following security settings can be enabled or disabled for your org if they are available for your account:
- Email notifications for unknown or new devices (end usersIn Okta literature, we generally refer to "end users" as the people who have their own Okta home page (My Applications), using chiclets to authenticate into all of their apps. End users do not have any administrative control. When we refer to "users" we are generally referring to the individual(s) who have administrative control.)
- Email notifications when enrolling in MFA (end users)
- Email notifications when resetting MFA (end users)
- Multi-factor authentication for access to administrative settings (admins)
|User Role||User Impact|
|Okta AdminAn abbreviation of administrator. This is the individual(s) who have access to the Okta Administrator Dashboard. They control the provisioning and deprovisioning of end users, the assigning of apps, the resetting of passwords, and the overall end user experience. Only administrators have the Administration button on the upper right side of the My Applications page.||A new confirmation message for security settings appears on the admin dashboard homepage.|
|End User||Impacted by security settings for email notifications when these settings are enabled or disabled by an admin.|
Accessing and using this feature
- Sign in to the admin dashboard.
- Under Security Tips, click Enable security features. The Security Checklist screen appears.
- Review each setting and enable or disable each as needed.
- Save your settings to proceed with your changes.
If all settings have been enabled, a message appears confirming the checklist has been completed.
If one or more settings are disabled, a reminder to enable them will be displayed until they are enabled or the message is dismissed manually.