Okta Verify: Overview and Setup

Overview

Okta Verify is UW-Eau Claire's new multi-factor authentication (MFA) solution replacing DUO Mobile Security. Okta adds another layer of protection to your account and information by requiring an additional step to log-in. In addition to entering your password, Okta notifies you whenever someone attempts to log into your account, prompting you to either allow the login or deny it.

Setup Okta Verify App
Adding a Phone Number
Adding Additional Devices
Using YubiKeys & Tokens
Logging in with Okta Verify

Known Technical Limitations

• Current UW-Eau Claire tokens will not work with Okta. If the Okta Verify smartphone app, phone calls, and/or texts options will not work for you, an eForm can be filed to request a new Okta token at the expense of the university.
• If you are using an iOS native email app, you will need to delete and re-add your account in order for Okta Verify to work. For more information on how to do this, read the Email: Configure the Mail App on iOS Devices article.
• Okta may not work with the default Gmail mobile app for an Android phone. It is recommended to use the Outlook mobile app.

Setup Okta Verify App

To proceed with setup, you should have access to both a computer and the mobile device, usually a smart phone, that you will use for multi-factor authentication.

On the Computer

1. Navigate to oktasetup.uwec.edu and sign into your account.
   
2. You will be prompted to set up security methods for your account. Select Set up for Okta Verify.
   
3. Your screen will display a page with app download instructions for your mobile device and a QR code. Keep this window open as you proceed to the steps for your mobile device.

On the Mobile Device

1. Install the Okta Verify app from your device's respective app store.
2. Open Okta Verify.
3. Tap on Get Started or Add Account.
4. Select Organization when prompted for account type.
   
5. The next screen should ask if you have your QR code. This should still be open on your computer. Tap Yes, Ready to Scan.
   
6. Allow the app access to the camera, if prompted, and scan the QR code on your screen.
7. If prompted, allow the app to send notifications to your phone.
8. Tap Done to complete the process.

Adding a Phone Number

It is recommended that you also enable the ability to authenticate using phone calls or codes sent over SMS text messages. If you replace your current mobile device you will still be able to access your account as long as you maintain the same phone number.

1. Navigate to the Okta Verify Dashboard and sign into your account.
2. Click on your name in the upper-right and select Settings
   
3. Click on Setup under Phone.
4. Sign in again, if prompted
5. Click on Set up

6. Enter your phone number.

7. Retrieve the code from your phone and enter it on your computer.

Adding Additional Devices

It is possible to add additional mobile devices or phone numbers to use as alternate authentication devices. This can be useful for those scenarios where your primary device isn't available.

1. From a computer, log into the Okta Verify Dashboard.
2. Click on your name in the upper-right and select "Settings."
   
3. Select the type of device you wish to setup.
   

• If you wish to setup the Okta Verify app on another device, click on "Set up another" for that option and follow the steps to Setup Okta. Verify App after the QR code displays on your phone.
• If you want to setup authentication through call or text on another phone number, click on "Set up another" for the Phone option and follow the steps for Adding a Phone Number.

Using YubiKeys & Tokens

If you already have access to a YubiKey or would like to purchase a YubiKey using personal funds, you may do so and then self enroll that YubiKey using the "Adding Additional Devices" instructions above and selecting "Security Key or Biometric Authenticator."

Current UW-Eau Claire tokens will not work with Okta. As a part of the Okta project, LTS is trying to decrease the amount of tokens utilized for Okta as there is an additional cost of roughly $30 per token along with an ongoing operational expense to manage them. A token should only be utilized if there is a accessibility need or a particular use case that the smartphone app, phone calls, and/or text message options will not work for. If a token is needed, a request can be submitted to the LTS Help Desk for a new Okta token at the university's expense. Once justification is approved, LTS Information Security will be in contact to coordinate pickup of the Okta token.

helpdesk@uwec.edu

Logging in with Okta Verify

Using Okta Verify, you can now access all of your university applications through an easy-to-use dashboard. Just open the Okta Verify Dashboard and sign in. Okta Verify will ask you which of the security methods you would like to use.

1. Enter a code - Use an offline code produced by the Okta Verify app on your mobile device.
   **This method does not require Internet access.**
   • Open Okta Verify on your device.
   • Locate the account (ex. employjj@uwec.edu) you are logging into.
   • Tap on the icon to show the code.
   • Click on "Select" on the device you are logging into.
   • Enter the code in the appropriate field.
2. Get a push notification - Send a push notification to your mobile device.
   • Click on "Select" on the device you are logging into.
   • Click "Send Push."
     • You can check a box on this screen to setup push notifications as the default way of authenticating in Okta Verify.
   • You will receive a notification on the smart device that you configured Okta Verify on.
   • Tap on "Yes, it's me" in the notification and complete any necessary verification on your device.
3. Phone - Receive a code through SMS or phone call.
   • Click on "Select" on the device you are logging into.
   • Okta may want to send a SMS code by default.
     • If you wish to proceed with SMS, click on "Receive a code via SMS."
     • To receive a phone call, click on "Receive a voice call instead."
   • Enter the code you received via SMS or phone call.