Features

WHAT IS OKTA, SSO, AND MFA?

You may hear different terminology when discussing how to access WSU’s network resources. To clarify the differences:

Okta is the name of the vendor who supplies WSU’s current SSO login process and Multi-Factor Authentication (MFA) service.

SSO is an acronym for Single Sign-On, which is the name for the log in process that allows WSU users to access most university websites and software applications with a single set of login credentials.

MFA or Multi-Factor Authentication (sometimes referred to as two-factor authentication or extra verification) is WSU’s added security authentication step that requires a user to enter their Network ID (NID) and password, followed by a verifying a code through one of the following options:

  • Authentication app on a mobile device (Okta Verify or Google Authenticator)
  • Voice call
  • USB Key
  • Text message (SMS)

Users who need to access WSU resources will receive an invitation to set up their WSU Okta account for their NID or Friend ID (FID) and password, as well as MFA preferences, at account.wsu.edu.

  • Users will receive reminders to reset their password every six months.
  • For assistance creating an Okta-compliant password, search ‘password generator’ in Google and you will find a number of online websites ready to help.
  • Already have your WSU password, but need to visit the WSU password management site? Visit account.wsu.edu anytime.

Sample OKTA SSO Account Activation Email

WSU SSO – How to Unlock Account

About MFA

Will MFA make my device susceptible to public records requests?

Although the verification codes are technically public records, they likely would be considered transient and therefore could be deleted by the employee after use. If there was a records request for the codes, the employee would be asked to provide any codes that still existed on their phone. Under current case law, if the completeness of the employee’s response to the request were challenged, the employee could be asked to provide an affidavit. Seizure of a phone is highly unlikely.

Multi-Factor Authentication (MFA) for myWSU

Close to 50,000 users per month are now successfully using the new Okta SSO system for many WSU websites and software applications.

Preparing for MFA in your Area: MFA Options

Users have five options available for MFA. Users should ideally select two of the following options. One option is required, but a second option can serve as a backup resource:

  • Okta Verify Mobile App – Sends a push notification, or provides a unique code every 30 seconds, to approve authentication.
  • Google Authenticator Mobile App – Generates a unique code every 30 seconds.
  • SMS – Text message with a unique code is sent to the user’s phone number.
  • Voice call – An automated message delivers a unique code to the user’s phone number (can be a home, mobile, or desk number).
  • USB Security Key – Device (similar to a flash drive) that inserts into the computer’s USB port.


Audience

Alumni, Distributed IT, Central ITS, Staff, and Students

Cost

N/A