Okta Multi-Factor Authentication

Multifactor Authentication (MFA) is now a required added layer of security used to verify Walsh staff, faculty and students identity when they sign in to an application.  There are three options to setup and complete the MFA requirement, Okta Verify, Google Authenticator, or SMS Authentication.  Each Walsh member must choose at least one to complete the MFA activation.  It is recommended to configure more than one MFA in the event SMS or wireless services are limited.  Click below to see step by step instructions for each option.

 


Okta Verify

When you attempt to log into your Walsh College account, you will need to enroll your device with Okta Verify. Once your device is enrolled, you use Okta Verify on your device to verify your identity each time you sign in to your Walsh College account.

When you enroll your device, Okta Verify used the camera on your device to scan a QR code on your computer screen. If you can't scan the QR code, see the "Enroll your device without scanning a QR code" section below.

The first time your attempt to sign into Walsh College, the "Set up multi-factor authentication" screen appears.

1. Click "Setup" to begin the enrollment process.

2. In the "Set Up Okta Verify" screen, select your device type and then click "Next".

3. Add an account

iOS

  • Tap "Add Account"
  • When prompted, allot "notifications" and "access to your camera".
  • Point your camera at the QR code displayed in your browser.

Android

  • Tap the "+" sign.
  • Point your camera at the QR code displayed in your browser.

When you point the camera at the QR code, the camera detects and reads the QR code automatically and your device is enrolled in Okta Verify. The web browser on your computer returns to "Set up multi-factor authentication".

If you can't scan the QR code, see the "Enroll your device without scanning a QR code"​ section below

4. Click "Finish" to complete device enrollment. 

 

Enroll your device without scanning a QR code

Follow these steps if you are trying to enroll a device but can't scan the QR code. Start with the instructions above up to the QR code displayed in your browser.

1. At the "Scan barcode" set in your browser, click "Can't scan?"

The setup Okta Verify screen appears. There are two versions of this screen.

2. Depending on which version of the screen that appears in your browser, do the following:

  • If the screen has a drop down menu, choose the option best suited for you and follow the on-screen instructions:
    • Send activation link via SMS
    • Send activation link via email
    • Set up manually without Push Authentication. If you select this option, make note of the Secret Key. You will enter it in the Okta Verify app on your device in a later step.
  • If the screen does not have a drop down menu, make note of the Secret Key. You will enter it in the Okta Verify app on your device in a later step. 

3. Open the Okta Verify app on your device and tap "Add Account" (iOS) or the "+" sign (Android).

4. On the following screen, tap "No barcode?"

5. On the "Add Account screen, do the following"

  • In the "Username" field, enter your Walsh College email address.
  • In the "Secret key" field, enter the secret key you made note of earlier.
  • Tap "Add Account".

6. In the Setup Okta Verify scree in your browser, click "Next".

7. In the "Enter code displayed from the application" screen in your browser, enter the number that appears under your account in Okta Verify on your device.

 

8. Click "Verify".​

 

 


 

Google Authenticator

Users must start the Google Authenticator app on their mobile device to generate a six-digit code that will be required to sign in to their Walsh College account. After five unsuccessful attempts, regardless of the time between the attempts, the user account is locked and must be reset by an administrator.

 

Using Google Authenticator

The first time users sign into their Walsh College account will have to configure this factor. To do so, please perform the following steps:

1. Click the “Set up” button.

​​

2. Select your mobile device, follow the instructions to download and install Google Authenticator, and then click “Next”.

3. You will then see a QR code. This code can be scanned by your phone using the Google Authenticator to complete the configuration.

  

 

Setting up Google Authenticator on your phone

You will need to configure Google Authenticator on your phone in order to link it to your Okta account. 

When you launch the the app, click "Get started". You will then have the option to either scan the QR code or manually enter the code.

            

If you select "scan a QR code", you will then be prompted to "Allow Authenticator to take pictures and record video". This is so the app can use your camera to scan the QR code shown above on the Walsh College page. 

If you select "Enter a setup key" to configure an account manually, perform the following steps:

  1. Click the "Enter a setup key".
  2. In the username field, enter your Okta/Walsh College username (for example, username@walshcollege.edu).
  3. On your computer, click the “Can’t scan” link so that you can access the secret key and enter it in the Key field.
  4. Click “Done”.

 

Using the Google Authenticator App

After you install and configure Google Authenticator, click on the app and use the six-digit number to authenticate when prompted.

Note: The pass code generator screen appears and generates pass codes to use when prompted for extra verification. You have 30 seconds to enter the pass code before it generates a new one.

Revoking or Reconfiguring the Google Authenticator App

You can remove Google Authenticator as a factor by unchecking it in the factors list. To reconfigure it, remove it, and then add it back in.

 


 

SMS Authentication

Users sign in to their Walsh College account and authenticate by entering a security token that is sent to their mobile device.

Using SMS Authenticate

The first time users sign into their Walsh College account after you configure this factor, they see the Extra verification is required for your account page and must perform the following steps: 

1. Click the “Setup” button beside Text Message Code.

2. Enter the mobile phone number where you want your security tokens sent, then click "Send code".

3. Enter the security token that was sent to your phone.

To reset and configure your settings if you lose your phone or get a new phone number, select the “Account” tab on your homepage and then click the “Setup” button in the Extra Verification section.

If you are configuring a user who already has a mobile telephone number verified in Okta, the following message appears.

 

Note about SMS Messaging

By design, enabling SMS factor authentication requires that end users receive an SMS text message on their mobile devices. When this factor is enabled by an admin, end users will receive an SMS text message with an authentication code when they sign in to Okta, even if they have sent an SMS opt out request on their device. If SMS messaging is of concern to your users, you may enable another factor of your choice as an alternative.