About Behavior Detection
Deciding when to require a second
There are two components of Behavior Detection that admins can configure:
- Define the behavior to track.
- Define an action to take if there is a change in trackable behavior for an end user.
Behavior Detection considerations
- You can't deny access if a behavior condition is selected in an Sign-on policies.
- You can reset the behavior profile for an end user. This reset clears all tracked behavior history for the end user, but continues tracking new behavior.
- You must include the new behavior in a sign-on policy in order for behavior detection to take effect. Defining a behavior does not trigger any actions unless it is added to a policy.
Location data is provided by a third party geolocation provider. To improve accuracy as much as possible, Okta also updates geolocation IP data on a weekly basis.