Okta - Compare the MFA Options
Factor Type
|
Security
|
Description
|
Requires Internet Connection
|
Other Requirements
|
Okta Verify mobile app
|
Strong
|
To sign in, users will receive a push notification asking for permission to sign in, or must start the Okta Verify app on their mobile device to retrieve a six-digit code. The Okta Mobile app meets web accessibility requirements. |
Required for Push Notifications and initial setup
|
Must download and install the app on a mobile device. |
Google Authenticator
|
Strong
|
To sign in, users must start the Google Authenticator app on their mobile device to generate a six-digit code. The time limit is two minutes. After five unsuccessful attempts, regardless of the time between the attempts, the user account is locked and must be reset by an administrator. |
Only for initial setup
|
Must download and install the app on a mobile device. |
SMS text message
|
Moderate
|
Users sign in by entering a security token that is sent to their mobile device as a text message. |
No
|
Requires the use of a mobile or phone number that can receive SMS messages. |
Voice call
|
Moderate
|
To sign in, users must enter a security token that is generated, then sent to them via a phone call to their mobile or land line phone. |
No
|
Using a land line phone requires users to be in the same location as the phone when accessing Okta. |
Security Key
|
Moderate
|
Users sign in by inserting a USB key into the device (unless it is NFC-enabled) and entering a PIN. |
No
|
Must have the security key on hand to authenticate. |
See Also:
- Okta - What is Multi-Factor Authentication (MFA)?
- Okta - Register Your Account
- Okta - Setup the Okta Verify Mobile Application
- Okta - Use the Okta Verify Mobile Application
- Okta - Setup and Use Google Authenticator
- Okta - Setup and Use SMS Authentication
- Okta - Setup and Use Voice Call Authentication
- Okta - Setup and Use a Security Key
- Okta - Add and Remove MFA Options
- Okta - Multifactor Authentication FAQ