How to Reset Okta Passwords & Okta MFA

Okta is a cloud-based identity and access management (IAM) provider. Companies of all sizes use Okta to manage their employees’ access to applications and devices. Okta also provides consumer identity and access management (CIAM). 

Okta is immensely popular, but recent high-profile breaches of Okta customers and Okta themselves have shone a harsh spotlight on a critical vulnerability within Okta and other IAM tools: password resets and multi-factor authentication (MFA) resets. 

To help organizations address this threat, Nametag has built the industry’s first secure self-service MFA reset solution, Nametag Autopilot. Through Autopilot, employees can securely reset their own Okta passwords and Okta MFA devices without having to involve the IT helpdesk. Read on to learn how to reset an Okta password or Okta MFA with default options, then how to reset them with Nametag Autopilot.

Reset an Okta Password

Okta allows users to reset their own passwords using authentication via email or SMS, and a security question. However, Okta uses out-of-date verification methods and does not offer self-service MFA resets. This leaves critical vulnerabilities that can lead to breaches, while forcing users to create helpdesk tickets for MFA resets.

To reset your Okta password, go to your organization’s Okta login page (typically companyname.okta.com) and then follow the flow to reset your password.

  1. Click on Need help signing in? and then on Forgot Password.
  2. Enter your work email address, then click Reset Via Email or Reset via SMS (if enabled). You’ll receive an email (or text message) with instructions and a link.
  3. Answer the security question when prompted.
  4. Create a new password.
[Figure: Okta self-service password reset flow – from Okta]

It's worth noting that although this is very convenient for users, it creates huge security risks. In August 2023, Okta warned its customers that hackers were targeting IT helpdesks in order to compromise privileged user accounts. A month later, MGM Resorts was hit by ransomware. The attackers, Scattered Spider, said that they socially engineered helpdesk agents in order to breach MGM’s Okta implementation. Then, in December, Okta themselves were breached in an attack that leaked data on all of their customers.

Reset Okta MFA with Default Options

Okta does not offer self-service MFA resets. To reset a user’s multi-factor authentication, a company Okta administrator must use their admin console to do this manually. First, they’ll need to verify that the person is not an imposter. Okta’s own Chief Security Officer, David Bradbury, recommends doing this via visual verification. But video verification calls are incredibly time-consuming, costing $162 or more per call. Also, they can now be duped by AI-generated deepfakes (see the story of February’s $25 million AI deepfake hack).
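
A defender-side check for the admin-performed resets described above, added here as an example (it is not Okta's or Nametag's code): it scans Okta System Log-style events for MFA resets that someone else performed on a privileged account, and raises the severity when a new factor is enrolled shortly afterwards. The sample events, the privileged-account list and the 30-minute window are constructed assumptions, and the events are trimmed to the fields the check uses.

```python
from datetime import datetime, timedelta

# Constructed sample events shaped like Okta System Log entries; users and
# timestamps are invented for this example.
SAMPLE_EVENTS = [
    {"published": "2024-01-10T14:02:11.000Z", "eventType": "user.mfa.factor.reset_all",
     "actor": {"alternateId": "helpdesk1@example.com"},
     "target": [{"type": "User", "alternateId": "superadmin@example.com"}]},
    {"published": "2024-01-10T14:09:40.000Z", "eventType": "user.mfa.factor.activate",
     "actor": {"alternateId": "superadmin@example.com"},
     "target": [{"type": "User", "alternateId": "superadmin@example.com"}]},
    {"published": "2024-01-10T15:30:00.000Z", "eventType": "user.mfa.factor.reset_all",
     "actor": {"alternateId": "helpdesk2@example.com"},
     "target": [{"type": "User", "alternateId": "intern@example.com"}]},
    {"published": "2024-01-11T09:00:00.000Z", "eventType": "user.mfa.factor.reset_all",
     "actor": {"alternateId": "helpdesk1@example.com"},
     "target": [{"type": "User", "alternateId": "itadmin@example.com"}]},
]

# Assumption: the defender maintains the list of privileged accounts.
PRIVILEGED = {"superadmin@example.com", "itadmin@example.com"}

def _ts(event):
    return datetime.strptime(event["published"], "%Y-%m-%dT%H:%M:%S.%fZ")

def _user(event):
    return next((t["alternateId"] for t in event.get("target", [])
                 if t.get("type") == "User"), None)

def review_mfa_resets(events, privileged, window=timedelta(minutes=30)):
    """Return one finding per MFA reset performed by another user on a privileged account."""
    events = sorted(events, key=_ts)
    findings = []
    for i, ev in enumerate(events):
        user = _user(ev)
        if ev["eventType"] != "user.mfa.factor.reset_all" or user not in privileged:
            continue
        if ev["actor"]["alternateId"] == user:
            continue  # only resets performed by someone else are reviewed
        # A factor enrolled soon after the reset binds the account to a new device.
        enrolled = any(
            later["eventType"] == "user.mfa.factor.activate"
            and _user(later) == user
            and _ts(later) - _ts(ev) <= window
            for later in events[i + 1:]
        )
        findings.append({"user": user, "reset_by": ev["actor"]["alternateId"],
                         "at": ev["published"], "severity": "high" if enrolled else "medium"})
    return findings
```

Each finding is a prompt to confirm with the helpdesk how the requester's identity was verified before the reset was performed.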

In the wake of numerous Scattered Spider and deepfake attacks, Okta customers have been surrounding their Okta implementations with Nametag to provide better security during password and MFA resets. With Nametag, employees can securely reset their own Okta passwords and Okta MFA devices without involving the helpdesk.

Self-Service Okta Password & MFA Resets

Nametag complements Okta by enabling employees to securely reset their Okta MFA and passwords entirely on their own. Here’s how to reset an Okta password or Okta MFA with Nametag.

  1. Navigate to your company’s Nametag account recovery microsite.
    Enter your work email address, and then scan the QR code with your smartphone. This will launch the Nametag experience on your device.
  2. Follow the instructions to verify your identity with Nametag.
    Scan the front and back of your government-issued ID. You can use a driver’s license, passport, or any of 11,000 other forms of government-issued photo ID.
  3. Take a selfie.
  4. Wait for Nametag to verify your identity, then hit “Close”.
  5. Return to your microsite. You will now have the option to reset your Okta MFA or password.
  6. Click “Reset multi-factor authentication” or “Reset your password” for Okta, then follow the instructions to reset your password or MFA.

Nametag integrates with Okta to close a critical security and experience gap: the Okta recovery process. Organizations using Nametag with Okta save up to 30% of their helpdesk costs by deflecting MFA resets to self-service, while protecting employee accounts from takeovers.

Watch a demo of self-service account recovery with Nametag Autopilot, then get in touch to start automating your Okta password and MFA resets.
