Skip to main content

We are updating our Multi-Factor Authentication (MFA) process

Data protection is very important to us. To enhance the security of our systems, we are updating our Multi-Factor Authentication (MFA) options for Okta.

Soon, you will receive an email asking you to set up one of the MFA options below, which you will use moving forward. The process is simple and will only take a few minutes. 

Your Questions, Answered

View the answers to frequently asked questions below or contact Broker Services at [email protected] or 888.813.7873 for help.

Understanding Multi-Factor Authentication

MFA adds an extra layer of security beyond your password. It requires a second verification method (something you physically have), making it significantly harder for unauthorized users to access your account.

Security questions can be vulnerable to social engineering attacks, research, and guessing. MFA provides stronger protection by requiring physical access to a device you own, dramatically reducing the risk of unauthorized access. In addition, MFA provides a better user experience, making it a more seamless and secure login experience moving forward.

Yes. MFA is an additional security layer that works alongside your existing password. You'll still enter your password first, followed by the second verification method.

MFA will be required when logging in from new devices, new locations, or after a certain period on trusted devices.

Yes, we recommend setting up at least two methods to ensure you always have a backup authentication option available.

Okta Verify

Okta Verify is a mobile authentication app that provides push notifications and time-based codes for verification. It can be downloaded from the Apple App Store or Google Play Store and is supported by the following devices:

  • iOS devices running iOS 16.0 or later (iOS 13.0+ for Mac)
  • Android devices running Android 7.0 or later
  • Windows 10 (version 1809 or later) and Windows 11

  • Push notifications allow one-tap authentication without typing codes
  • Works offline with time-based codes when no internet connection is available
  • Supports biometric authentication (fingerprint/facial recognition)
  • Can be registered on multiple devices for backup access

Push notifications are alerts sent directly to your mobile device. When you attempt to log in, you'll receive a notification asking you to approve or deny the login attempt.

To use Okta push notifications:

  1. Enter your username and password on the login screen.
  2. A push notification is sent to your registered mobile device.
  3. Tap "Approve" on your device to complete the login.
  4. You're automatically logged in without entering any additional codes.

Note, your mobile device needs an internet connection (cellular data or Wi-Fi) to receive push notifications.

If you don't receive a push notification, you can:

  • Check your internet connection
  • Ensure notifications are enabled for the Okta Verify app
  • Use the time-based code option as a backup
  • Contact Broker Services support if problems persist, and they will direct to IT

If you accidentally deny a push notification, simply restart the login process and approve the next notification.

If you receive an unexpected push notification, tap "Deny" and immediately contact Broker Services at [email protected] or 888.813.7873.

Time-based codes (or TOTPs) are 6-digit codes generated by the Okta Verify app that changes every 30 seconds. These codes are mathematically generated based on time and a secret key stored on your device. The app will display a countdown time that shows when the code will change.

To use Okta Verify time-based codes:

  1. Enter your username and password on the login screen
  2. You will be prompted to enter a verification code
  3. Open the Okta Verify app and view the current 6-digit code
  4. Enter the code on the login screen to complete authentication

Time-based codes do not require an internet connection, which makes them ideal for situations with poor network connectivity. They can also be used across multiple devices.

Google Authenticator

Google Authenticator is a security app that generates time-based verification codes that change every 30 seconds and work even without internet or cellular service, which makes it useful in areas of poor connectivity. It can be downloaded from the Apple App Store or Google Play Store and is supported by the following devices:

  • iOS devices (iPhone/iPad) running iOS 14.0 or later
  • Android devices running Android 5.0 or later

Google Authenticator relies on your phone's time being accurate. If codes aren't working, check that your device's time and date are set to "automatic" in settings.

SMS Verification

SMS verification sends a unique one-time code via text message to your registered mobile phone when you attempt to log in.

SMS verification only works with phone numbers from the US and Canada. If you have an international phone number, please choose Okta Verify or Google Authenticator.

While SMS verification is more secure than security questions, it's considered less secure than app-based methods due to potential SMS interception. However, it's still an effective security layer for most users.

Standard text messaging rates from your mobile carrier may apply.

  1. Check to ensure that you have cellular service.
  2. Verify that your phone number is correctly entered.
  3. Try the "Resend Code" option after waiting 1-2 minutes.
  4. If issues persist, contact Broker Services at [email protected] or 888.813.7873.