Multi-Factor Authentication in Okta

Colby requires multi-factor authentication (MFA) to access certain online services that contain private or sensitive data, including Colby's Google (and Gmail) Workspace, Workday platform, and many others. MFA involves the use of a secondary form of verification in addition to a password, providing an added layer of security when you access services that contain private or protected information. Because this secondary authentication is unique to your account, you must set up and manage your MFA options as a component of your Colby account. The following instructions will guide you through selecting and setting up your MFA options.

Configuring and testing your factors for the first time will take about 10 minutes. As part of the process, you will need to have your available factors – a telephone, cell phone, smart phone, or a token like a YubiKey (if you don’t know what that is, don’t worry!) – ready to configure and test. When you are ready to begin, follow the instructions below.

Okta FastPass (Preferred and Best Experience)

Okta FastPass is a fast and secure option for multi-factor authentication in Okta. It provides 'passwordless' authentication for compatible computers and smart phones using biometrics like face or fingerprint recognition. It is faster because it doesn't require entering a password or typing a code, and it's more secure because your password and multi-factor code is never transmitted (like when receiving codes via text message, phone call, or email) so it can't be used by an attacker. 

We recommend configuring Okta FastPass after completing the initial setup for Okta Verify detailed below. When you have successfully set up Okta Verify, refer to this how-to section for instructions on how to set up Okta FastPass.

Accessing your Okta MFA settings

  1. Sign in to your Okta account at https://okta.colby.edu 
  2. In the top right corner, click on the arrow next to your name and select ‘Settings’ from the drop-down menu
  3. You should now be on your Okta personal settings page. Click the green “Edit Profile” button (shown below) to unlock your settings. If you do not see the button, continue on to step 4.
  4. If prompted for additional verification, enter your password again.
  5. MFA options are configured in the ‘Security Methods’ section – an unconfigured example is shown below. You may need to scroll down in the profile settings page to find it.

Note that each option has a ‘Set up’ button next to it. While only one extra verification/MFA method is required, it is important that you setup at least two verification factors to ensure an alternative should one method (like your cell phone) be unavailable. Once an option is configured, if you need to disable or reconfigure it, you may do so by clicking ‘remove,’ which will then make the option available to set up again.

The following steps will guide you through selecting factors based on the types of devices you may have. Please read them in the order they are listed:

First, configure the Okta Verify mobile app

Okta Verify is a multi-factor authentication (MFA) app developed by Okta. It works by sending 'push' notifications asking to approve your login or providing 6-digit MFA codes even without an active network connection on the device. Other options like voice call and text require an active connection to receive codes.

Setting up Okta Verify Mobile App

  1. Click the button marked “Setup” next to “Okta Verify”
  2. Follow the instructions presented on the screen, or for more detailed instructions click here and scroll down to “Procedures,” select “Set up Okta Verify as a New User” and follow the instructions to install and configure the Okta Verify mobile app on your smartphone.

Setting up Google Authenticator

If you are already comfortable with the Google Authenticator app, adding Okta is simple. Please note that the Google Authenticator app will not support Okta FastPass or ‘push’ authentication for Okta, it will only support numeric codes that you will need to enter into the sign-on process. You can also set up both the Okta Verify app and the Google Authenticator app and decide for yourself which works better.

  1. Click the button marked “Setup” next to “Google Authenticator” and follow the instructions to add Okta as a keyed service.

Second, configure a telephone factor as a backup

It is strongly recommended that you configure both of these options if possible. Telephone (call or text) verification should be used as a backup and not a primary means of receiving MFA verification codes. This method is insecure and is prone to error. 

Setting up voice call verification

  1. Click the button marked “Setup” next to “Voice Call Authentication”
  2. Complete the required fields to store a telephone number where verification codes can be sent. This should be a phone number that you are most reachable at, such as a cell phone, as it will be used to deliver authentication codes for verification purposes.

Setting up text message (SMS)

  1. Click the button marked “Setup” next to “SMS Authentication” (SMS stands for “short message service” and is equivalent to text messages)
  2. Complete the required fields to store a telephone number where verification codes can be sent.

If you do not have a smart phone

Setting up YubiKey Security Token 

  1. A YubiKey is a small thumb drive sized hardware token that plugs in to a USB port and allows for 'one touch' MFA.  This option is available in cases where a smartphone app or text message delivery is not an option.
  2. Contact the ITS Support Center at x4222 or support@colby.edu for more information on key activation.

Testing your Factors

You will be prompted for MFA as you authenticate to certain services through Colby’s Okta portal. If you want to try it out, you can test your MFA settings at any time by clicking on the ‘Configure and Test MFA’ icon (app) in your Okta home page:

After clicking the ‘Configure and Test MFA’ icon shown above, you’ll be prompted for an MFA factor. When you are prompted for your MFA factor, you can select which one you’d like to use by clicking the pull-down arrow to the left of the factor icon. The example shown below is for SMS (text message), but you can select and test one of your other factors like Okta Verify Push or a Yubikey by clicking the menu button to the right of the SMS icon. The red arrow shown below is highlighting the menu button – you won’t see the red arrow in the real dialog.

         

100% helpful - 1 review
Print Article

Related Articles (3)

Multi-Factor Authentication (MFA) when abroad
How to set Okta MFA for use on multiple phones specifically for international travel.
Password Management
You probably have more online accounts than you can keep track of. If you keep track of your passwords by writing them down, using a spreadsheet or local file, or "have a system" for using passwords, you should read this.
Zoom Overview and Help
An Overview on Zoom, a video conferencing and meeting service, including tutorial and FAQ links.

Related Services / Offerings (1)

Multi-Factor Authentication
Multi-factor Authentication (MFA) Support