Body
Table of Contents (Answers Below)
Why are we moving from Duo to Okta Verify?
Okta Verify is included in our Okta subscription; Duo adds an additional cost. In order to reduce expenses for Mines, we are moving the majority of multi-factor authentication (MFA) challenges to Okta Verify.
Why aren’t all MFA challenges moving to Okta Verify?
Duo will be used for server access on campus because it performs better for that specific use case.
Why are SMS/text messages and phone calls being removed as options for receiving MFA challenges?
Cyberattacks are getting more advanced. Through social engineering, hackers can easily learn a user’s phone number and clone it to another device. Once this happens, the hacker can intercept the SMS text message or phone call and can approve their unauthorized access from there.
The push notifications you’ll receive through the Okta Verify app are significantly more secure.
Is there an alternative to using the Okta Verify app for MFA challenges?
We recommend purchasing a YubiKey as an alternative to receiving push notifications through the Okta Verify app.
You’ll need to keep your YubiKey with you because it’s required to complete MFA challenges. Depending on the YubiKey, you’ll either need to insert it into a USB port on your machine or some models are near field communications(NFC)-enabled and allow you to touch your YubiKey to the device.
Why can’t I use the Duo fob I have?
If you are accessing a server and receive a Duo challenge, you will be able to use your fob if you have one. However, those Duo fobs are specific to Duo and cannot be repurposed for use with Okta Verify