Set up multi-factor authentication

  • Updated

Multi-Factor Authentication (MFA) requires more than one way to authenticate a user.  Factor means the  way to prove a person is who they say they are, such as using a password. Adding a second or more factors makes authentication more secure, such as sending a code to your phone or email, or requiring an authentication app that you verified during your account setup.

You can use MFA if you do not use a single sign-on (SSO) connection with your organization.  If your organization uses SSO to log into Opti ID and you want MFA as part of your login flow, you need to set it up with your own identity provider.  For customers currently using local logins with MFA enabled, switching to SSO will disable MFA.

Enable MFA

As an administrator of your organization:

  1. Go to The home dashboard displays.


  2. Click Admin Center.
  3. Select Settings > MFA to show your options. If you have an SSO setup, be aware that you cannot adjust your MFA settings:


  4. If you are using Opti ID local users to log in, toggle the switch to enable or disable MFA.  This change may take a few minutes to complete.


Login with MFA

After you enable the MFA toggle, users will be required to setup MFA upon sign-in.

  1. Sign in as usual.


  2. Click Next to input the user password:


  3. Click Verify. If a user has not yet set up MFA, the following set up displays:


  4. Following the on-screen instructions, click Set up to download and install Okta Verify and scan the QR code on the screen with your phone:


  5. After Okta Verify is set up, you can set up an additional phone factor.  (You can click Set up later to opt out of this and log into Opti ID.)


  6. If you choose to set up a phone, provide a number:


  7. Click Receive a code via SMS.  You will receive a 6-digit code via SMS to input into the next screen:


  8. Click Verify. Your phone will also be setup as an additional factor for authentication.  You will then be logged into Opti ID.

Login with MFA after set up

Returning MFA users log in as usual with their email and password.  After you input their password, you are prompted again for your Okta Verify code: