Security Features

Protect your workforce and customers with a variety of robust security features
Okta ThreatInsight

ThreatInsight

Log and block authentication attempts from suspicious IP addresses.

ThreatInsight uses attack data from across our network to identify and block malicious login attempts.

Okta detects threats prior to authentication evaluation. Requests that Okta ThreatInsight blocks prevent user lockouts from suspicious IP addresses. Configure Okta ThreatInsight to detect suspicious IP addresses from credential-based attacks.

When Okta ThreatInsight actions are enabled, end users may sign in to their org as usual. If Okta detects a sign-in attempt from a malicious IP address and authentication requests are set to be blocked, the user receives an HTTP 403 error.

Passwordless authentication

Delight and secure users with passwordless authentication.

With passwordless authentication, you can reduce or even eliminate a majority of password-based attacks, including phishing and credential stuffing.

Get a variety of passwordless options for every use case:

  • Applicable for Workforce and Customer Identity
    • Email-based magic link
    • Factor sequencing
    • WebAuthn
  • Applicable for Workforce
    • PIV/Smart-Card (x509 based)
    • Passwordless with Device Trust
    • Desktop single sign-on