Multifactor Authentication for
Two Factor Authentication for Cloud & On-Prem Apps
Okta provides secure, flexible multifactor authentication natively as part of our core identity and access management service.
Okta provides multifactor authentication as a core feature of the identity management service. All functionality is built by Okta with the same focus on flexibility, security, and ease of use that we apply to all other aspects of our product and comes bundled with the Okta solution. No third party products are required.
Choose from a variety of second-factor options to balance the needs of your user base, the sensitivity of the applications you are protecting, and overall ease of use.
Security questions offer added protection by requiring users to provide additional information beyond simple user name and password. This option requires no additional devices and minimal user configuration.
Okta’s soft token mobile application is designed for absolute simplicity for the user, and comprehensive security for the Okta administrator. The app can be installed directly from both the Android and Apple app stores. It self-configures using the device’s integrated camera. Once installed, users simply read a six-digit number from their phone screen to access protected resources, generated using the industry-standard Time-Based One-Time Password algorithm.
Okta offers the option of text-message based authentication. A six-digit pin code can be sent to the user’s mobile device and then entered to access resources. This may be a good option for users without smartphone devices.
One Okta policy controls access to all applications, whether cloud based or on premises. Policies can control how often and when to ask users for additional verification. Frequency can range from every login to once per device. Extra verification can be required for all or just specific apps. In addition, separate policies can be established for internal vs external users.
Okta’s multifactor authentication solution is designed to be easy to use, both for administrators and users. As an Okta solution, it is fully cloud delivered—no on-premises software or hardware is required. It can be enabled with just two clicks in the Okta administrative interface. Users can self-administer their tokens on their smartphones, subject to the policies administrators define. No clumsy hard tokens or complex SSL certificates required.
Okta’s single sign-on and multifactor authentication solution will work with any SAML-enabled SSL VPN. This enables comprehensive, seamless authentication across all enterprise applications accessed from the public Internet, whether cloud-based, in the DMZ, or protected by a VPN.
In addition to native Okta multifactor authentication support, our architecture also makes it easy to integrate Okta with a variety of existing MFA solutions. Using the same extensible architecture that enables Okta to provide a set of pre-integrated applications, customers can also leverage existing MFA products, such as Verisgn VIP or RSA, in conjunction with the Okta service. Okta also provides options to easily replace or integrate with existing strong authentication solutions, such as RADIUS.