MFA factor configuration
Multifactor authentication (MFA) is an added layer of security used to verify an end user's identity when they sign in to an application.
An Okta admin can configure MFA at the organization or application level. If both levels are enabled, end users are prompted to confirm their credentials with factors when signing in to Okta and when accessing an application.
To learn more about admin role permissions and MFA, see Administrators.
Supported MFA factors
- Okta Verify
- Custom TOTP
- Custom IdP factor
- Duo Security
- Google Authenticator
- On-Prem agent (including RSA)
- Security Question
- SMS
- Symantec VIP
- Voice Call
- WebAuthn
- YubiKey
Notes:
-
MFA for RDP, MFA for ADFS, RADIUS logins, or other non-browser based sign-on flows don't support the Custom IdP factor.
-
MFA for RDP doesn't support the Duo Security or FIDO2 (WebAuthn) factors.