We're Hiring:

Strengthen Cloud Application Security

Multifactor Authentication

More Resources


Multifactor Authentication for
the Cloud



Two Factor Authentication for Cloud & On-Prem Apps


Okta provides secure, flexible multifactor authentication natively as part of our core identity and access management service.

Fully Integrated with the Okta Service

Okta provides multifactor authentication as a core feature of the identity management service. All functionality is built by Okta with the same focus on flexibility, security, and ease of use that we apply to all other aspects of our product and comes bundled with the Okta solution. No third party products are required.

Multifactor authentication integration

Flexible, Secure Verification Options

Choose from a variety of second-factor options to balance the needs of your user base, the sensitivity of the applications you are protecting, and overall ease of use.

Multifactor authentication security question

Multifactor Authentication - Security question

Multifactor authentication mobile verification

Multifactor Authentication - Okta soft token with code and timer

Security question
Security questions offer added protection by requiring users to provide additional information beyond simple user name and password. This option requires no additional devices and minimal user configuration.

Soft token
Okta’s soft token mobile application is designed for absolute simplicity for the user, and comprehensive security for the Okta administrator. The app can be installed directly from both the Android and Apple app stores. It self-configures using the device’s integrated camera. Once installed, users simply read a six-digit number from their phone screen to access protected resources, generated using the industry-standard Time-Based One-Time Password algorithm.

Text message
Okta offers the option of text-message based authentication. A six-digit pin code can be sent to the user’s mobile device and then entered to access resources. This may be a good option for users without smartphone devices.

Multifactor authentication policy management

Multifactor Authentication - Admin Time Settings

Centralized Policy Management

One Okta policy controls access to all applications, whether cloud based or on premises. Policies can control how often and when to ask users for additional verification. Frequency can range from every login to once per device. Extra verification can be required for all or just specific apps. In addition, separate policies can be established for internal vs external users.

Easy for Administrators and Users

Multifactor authentication enabling extra verification

Multifactor Authentication - Admin Enable Drop Down

Okta’s multifactor authentication solution is designed to be easy to use, both for administrators and users. As an Okta solution, it is fully cloud delivered—no on-premises software or hardware is required. It can be enabled with just two clicks in the Okta administrative interface. Users can self-administer their tokens on their smartphones, subject to the policies administrators define. No clumsy hard tokens or complex SSL certificates required.

Works with your VPN

Okta’s single sign-on and multifactor authentication solution will work with any SAML-enabled SSL VPN. This enables comprehensive, seamless authentication across all enterprise applications accessed from the public Internet, whether cloud-based, in the DMZ, or protected by a VPN.

Extensible to Third-Party Multifactor Authentication Solutions

In addition to native Okta multifactor authentication support, our architecture also makes it easy to integrate Okta with a variety of existing MFA solutions. Using the same extensible architecture that enables Okta to provide a set of pre-integrated applications, customers can also leverage existing MFA products, such as Verisgn VIP or RSA, in conjunction with the Okta service. Okta also provides options to easily replace or integrate with existing strong authentication solutions, such as RADIUS.