Okta: Overview and Setup

Last Updated

Overview 

Okta is UW-Eau Claire's new multi-factor authentication (MFA) solution replacing DUO Mobile Security. Okta adds another layer of protection to your account and information by requiring an additional step to log-in. In addition to entering your password, Okta notifies you whenever someone attempts to log into your account, prompting you to either allow the login or deny it.

Setup Okta Verify App
Setup Phone Call or Text Messages
Adding Additional Devices
Using YubiKeys & Tokens
Logging in with Okta Verify

Known Technical Limitations

  • Existing DUO tokens will not work with Okta. If the Okta Verify smartphone app, phone calls, and/or texts options will not work for you, an eForm can be filed to request a new Okta token at the expense of the university.
  • If you are using an iOS native email app, you will need to delete and re-add your account in order for Okta Verify to work. For more information on how to do this, read the Email: Configure the Mail App on iOS Devices article.
  • Okta may not work with the default Gmail mobile app for an Android phone. It is recommended to use the Outlook mobile app.


Setup Okta Verify App

The steps below are for your initial enrollment in Okta.  If you need to add a new device, please use the steps listed in the Adding Additional Devices portion of this article.

To proceed with setup, you should have access to both a computer and the mobile device, usually a smart phone, that you will use for multi-factor authentication.

On the Computer
  1. Navigate to oktasetup.uwec.edu/ and sign into your account.
    Uploaded Image (Thumbnail)
  2. You will be prompted to set up security methods for your account.  Select Set up for Okta Verify.
    Uploaded Image (Thumbnail)
  3. Your screen will display a page with app download instructions for your mobile device and a QR code.  Keep this window open as you proceed to the steps for your mobile device. 


On the Mobile Device
  1. Install the Okta Verify app from your device's respective app store.
  2. Open Okta Verify.
  3. Tap on Get Started or Add Account.
  4. Select Organization when prompted for account type.
    Uploaded Image (Thumbnail)
  5. The next screen should ask if you have your QR code. This should still be open on your computer. Tap Yes, Ready to Scan.
    Uploaded Image (Thumbnail)
  6. Allow the app access to the camera, if prompted, and scan the QR code on your screen.
  7. If prompted, allow the app to send notifications to your phone.
  8. Tap Done to complete the process.

* Please consider adding a phone number for authenticating via phone call or text.  This is useful if you change phones or lose access to the device you just setup.

Try it out by logging into the Okta Dashboard use these instructions!


Setup Phone Calls or Text Messages

The steps below are for your initial enrollment in Okta.  If you need to add a new device, please use the steps listed in the Adding Additional Devices portion of this article.

It is recommended that you also enable the ability to authenticate using phone calls or codes sent over SMS text messages. If you replace your current mobile device you will still be able to access your account as long as you maintain the same phone number.

  1. Navigate to the Okta Setup Page and sign into your account.
  2. Click on Setup under Phone.
  3. Sign in again, if prompted
  4. Click on Set up
  5. Select how you wish to receive your code
    1. SMS if you wish to receive a code via text
    2. Voice call if you wish to receive a code via a phone call
      Uploaded Image (Thumbnail)
  6. Enter your phone number
  7. Retrieve the code from your phone and enter it on your computer
    Uploaded Image (Thumbnail)


Adding Additional Devices

If you've previously enrolled in Okta, it is possible to add or remove security methods through your settings in the Okta Dashboard.

  1. From a computer, log into the Okta Dashboard.
  2. Click on your name in the upper-right and select "Settings."
  3. Select the type of device you wish to setup.
  • If you wish to setup the Okta Verify app on another device, click on "Set up another" for that option and follow the steps to Setup Okta Verify App after the QR code displays on your phone.
  • If you want to setup authentication through call or text on another phone number, click on "Set up another" for the Phone option and follow the steps for Adding a Phone Number.
  • If you no longer have access to a device or phone number, you can use this page to remove those device.


Using YubiKeys & Tokens  

If you already have access to a YubiKey or would like to purchase a YubiKey using personal funds, you may do so and then self enroll that YubiKey using the "Adding Additional Devices" instructions above and selecting "Security Key or Biometric Authenticator."

Existing DYO tokens will not work with Okta. As a part of the Okta project, LTS has tried to decrease the amount of tokens utilized for Okta as there is an additional cost of roughly $30 per token along with an ongoing operational expense to manage them. A token should be utilized if there is a accessibility need or a particular use case that the smartphone app, phone calls, and/or text message options will not work for. If a token is needed, a request can be submitted via an eForm. Once verified, LTS Information Security will be in contact to coordinate pickup of the Okta token.

Request Hardware Token for Okta Authentication

Logging in with Okta Verify 

Starting January 8th, any login pages where you have traditionally used Duo for will switch to Okta for authentication. Before January 8th, you can test your ability to use Okta by signing into the Okta Dashboard. Okta will ask you which of the security methods you would like to use.


Uploaded Image (Thumbnail)

  1. Enter a code - Use an offline code produced by the Okta Verify app on your mobile device.
    **This method does not require Internet access.**
    • Open Okta Verify on your device.
    • Locate the account (ex. employjj@uwec.edu) you are logging into.
    • Tap on the icon to show the code.
    • Click on "Select" on the device you are logging into.
    • Enter the code in the appropriate field.
  2. Get a push notification - Send a push notification to your mobile device.
    • Click on "Select" on the device you are logging into.
    • Click "Send Push."
      • You can check a box on this screen to setup push notifications as the default way of authenticating in Okta Verify.
    • You will receive a notification on the smart device that you configured Okta Verify on.
    • Tap on "Yes, it's me" in the notification and complete any necessary verification on your device.
  3. Phone - Receive a code through SMS or phone call.
    • Click on "Select" on the device you are logging into.
    • Okta may want to send a SMS code by default. 
      • If you wish to proceed with SMS, click on "Receive a code via SMS."
      • To receive a phone call, click on "Receive a voice call instead."
    • Enter the code you received via SMS or phone call.