Security Features

Protect your workforce and customers with a variety of robust security features.
Okta ThreatInsight


Log and block authentication attempts from suspicious IP addresses.

ThreatInsight uses attack data from across our network to identify and block malicious login attempts.

Okta detects threats prior to authentication evaluation. Requests that Okta ThreatInsight blocks prevent user lockouts from suspicious IP addresses. Configure Okta ThreatInsight to detect suspicious IP addresses from credential-based attacks.

When Okta ThreatInsight actions are enabled, end users may sign in to their org as usual. If Okta detects a sign-in attempt from a malicious IP address and authentication requests are set to be blocked, the user receives an HTTP 403 error.

Passwordless authentication

Delight and secure users with passwordless authentication.

With passwordless authentication, you can reduce or even eliminate a majority of password-based attacks, including phishing and credential stuffing.

Get a variety of passwordless options for every use case:

  • Applicable for Workforce and Customer Identity
    • Email-based magic link
    • Factor sequencing
    • WebAuthn
  • Applicable for Workforce
    • PIV/Smart-Card (x509 based)
    • Passwordless with Device Trust
    • Desktop single sign-on

Okta Verify

Enable Okta Verify (with push when available) to enable your end users to authenticate with a strong MFA factor.

Okta Verify is an MFA factor and authenticator app you can use to confirm a user's identity when they sign in to their Okta account. 

After an end user installs the app on their primary device, they can verify their identity by approving a push notification or by entering a one-time code. When a user signs in to their organisation or service, the Okta Verify app prompts them to verify their identity.