Get a feel for Okta as an early adopter

Faculty, staff and students who want to take Okta on a test drive can start using the identity and access security platform on a volunteer basis. That means just one password to remember for access to multiple web-based programs and applications, such as Outlook 365 and Cybox.

"Okta will make our day-to-day duties more convenient and help keep us safe by protecting individual and university information," said Mike Lohrbach, director of enterprise services and customer success for information technology services. "It will streamline some of the password reset and account unlock capabilities we have at Iowa State."

Users can customize their Okta dashboards with access to their most-used applications. All ISU's web-based applications will be part of the early Okta enrollment experience. Programs installed on computers are not included.

"Anything that you authenticate through the web with your Iowa State credentials -- those are our scope," Lohrbach said.

Give it a whirl

Okta participants can use their Net-ID and password to log in to Okta via a web browser, such as Firefox, Chrome or Safari. Once users are signed in, applications enrolled in Okta are available without another login. Lohrbach said Okta allows users a 10-hour session with a single, secure login from anywhere.

"Early enrollment is going to help people get logged in and become familiar with Okta and how it will streamline the way they access university applications," Lohrbach said.

Lohrbach said ISU's current sign-ons page available through a link from the homepage is a good example of what Okta's dashboard experience will provide.

"That's almost like a mini university-wide dashboard," he said. "The most common things are there -- I click, log in and go to the app."

The WorkCyte timeline projects campuswide Okta enrollment by the end of the semester.

Secure login

Okta will require multifactor authentication (MFA) for logins, adding another layer of security. MFA provides one-time authentication codes during the login process, available five ways:

  • Okta Verify mobile application
  • Text message
  • Phone call
  • Google Authenticator
  • Physical "token" (YubiKey, similar to a USB jump drive), carried by the user

"We encourage people to enroll in as many [factors] as they can," he said. "If they forget their phone and can't get an authentication code via text or phone call, they have other options. You can pick from a drop-down menu which factor you want to use."