If you are logging in for the first time or are prompted to set up multi-factor authentication (MFA), follow the instructions for one or more of the options. Technology Services strongly suggests that you configure at least two of these choices. This will allow you to use an alternate second factor if one is unavailable to you.

If you are adding an additional factor, first log in to your Okta dashboard, click your name in the upper-right corner then click Settings. Scroll down to the Extra Verification section and click Set up next to the factor of your choice. You may need to click Edit Profile in the upper right if you have been logged in to Okta for more than 15 minutes.

Setting up Multi-Factor Authentication (MFA)

This is the recommended option if you have a smartphone as it will be the quickest way to verify your login. Instead of needing to type in a code, you can simply respond to a yes/no push notification on your mobile phone. 

  1. Click Set up next to the Okta Verify option. 
  2. Select iPhone or Android then install the Okta Verify app on your mobile device using the link for the Apple App Store or Google Play Store. Click Next.
  3. Open the Okta Verify app on your mobile device and tap Add Account or the plus sign (+). 
    • Note: allow notifications and access to the camera if prompted 
  4. Point your phone camera at the QR code displayed in your browser window. 
  5. You are enrolled in Okta Verify! The next time you sign in, you will be able to send a push prompt to your phone or enter the one-time code displayed from the Okta Verify app. 

If you have trouble, see Okta's guide on setting up Okta Verify or contact the Service Desk at 253-879-8585.

With the Google Authenticator option, you may instead choose to use any other authenticator app such as 1Password, Authy, LastPass, or Microsoft Authenticator. Though the factor will show as Google Authenticator in Okta, the 6-digit code generated by any of those apps can successfully be used to verify your login. Please consult the support documentation for the app of your choice. The instructions below are for setting up Google Authenticator. 

  1. Click Set up next to the Google Authenticator option. 
  2. Select iPhone or Android then install the Google Authenticator app on your mobile device using the link for the Apple App Store or Google Play Store. Click Next.
  3. Open the Google Authenticator app on your mobile device and tap Begin Setup > Scan Barcode or the plus sign (+). 
  4. Point your phone camera at the QR code displayed in your browser window then click Next.
    • Note: allow notifications and access to the camera if prompted. 
  5. Enter the code displayed in the Google Authenticator app then click Verify
  6. You are enrolled with Google Authenticator! The next time you sign in, you will be able to use the 6-digit code displayed on the app to to verify the login attempt. 
  1. Click Set up next to the SMS Authentication option. 
  2. Click the dropdown to select the country where your phone is registered and enter your 10-digit cell phone number. Then click Send Code.
    • Note: At this time, only US and Canada cell numbers can be used.
       
  3. You will receive a text message on your cell phone with a 6-digit verification code. Enter the code in the field and click Verify
  4. You are enrolled with SMS authentication! The next time you sign in, you will be able to send a 6-digit code to your cell phone to verify the login attempt. 
  1. Click Set up next to the Voice Call Authentication option. 
  2. Click the dropdown to select the country where your phone is registered and enter your phone number. This can be a landline or desk phone. Then click Call.
    • Note: At this time, only US and Canada phone numbers can be used. We do not recommend using a Google Voice number. 
  3. You will receive a voice call with the following message: “Hello. Thank you for using our phone verification system. Your code is #####. Once again, your code is #####. Goodbye.” Enter the 5-digit code you hear then click Verify
  4. You are enrolled with Voice Call Authentication! The next time you sign in, you will be able to have a 5-digit code delivered via voice call to verify the login attempt. 

If you already have your own existing hardware token or physical security key, you can use it as your second factor as long as it is FIDO2 compatible. Please note this is not a standard option and will only have limited, “best effort” support. Therefore, you will first need to contact the Service Desk to request that this option be enabled for your account before setting it up. Technology Services will not be providing hardware tokens.

  1. Contact the Service Desk at 253-879-8585 or servicedesk@pugetsound.edu to request that this option be enabled for your account.
  2. Click Set up next to the Security Key or Biometric Authenticator option. 
  3. Click Setup on the next screen.
  4. Click Enroll and insert the security key into the USB port on your device.
    enroll security key
  5. Follow the prompts to complete the setup. This will vary depending on what type of security key and computer/browser you are using. You may be asked to create/enter a PIN, physically tap the security key, and/or allow login.pugetsound.edu to use your security key.

If you encounter difficulties with the setup, please consult the security key manufacturer's documentation or visit the Tech Center in the lower level of the Collins Memorial Library for assistance.