Self Service+ supports offline multifactor authentication (MFA), allowing users to access their computer with a time-based one-time password from an authentication app without a connection to an identity provider. This allows users to access their computer securely without an active internet connection. For information about configuring offline MFA, see Multifactor Authentication.
In Self Service+, the Administrator privileges tile prompts the user when offline MFA is available to configure.
- When the user clicks Set up authenticator, the user receives a QR code to use with an authenticator app of their choice, such as Google Authenticator or Okta Verify.
- Once linked to the authenticator app via the 6-digit OTP code, Self Service+ will automatically display a backup code. This code is required to remove MFA should your paired device become unavailable and cannot be recreated.
- A prompt appears that informs the user their MFA setup is complete, additionally allowing the user to remove MFA at any time.
- When a user returns to the login screen of their computer, they will be prompted to verify their identity with the code generated by their authenticator app if no internet connection is available.