Set Up Multifactor Authentication Methods
Setting up multifactor authentication (MFA) methods is either optional or mandatory for you, based on the environment you're in. After a method is set up, you can use it as a second factor of authentication for signing in.
Enroll in MFA and Set Up Your First Authentication Method
- Sign in to the application using your application user ID and password. If mandatory MFA applies to you, skip to step 4.
- Click your user image or name in the global header, and select Set Preferences from the Settings and Actions menu.
- Open your password preferences and click Manage Secure Verification.
- Enable secure verification using any of the available methods. You go
through this guided setup process only when you're enrolling in MFA for the
first time.
Method Action Required Mobile App Use either of these modes. - Set up the Oracle Mobile Authenticator App to send a push notification for allowing or denying a sign in attempt.
- Set up the Oracle Mobile Authenticator App to generate a passcode.
Phone Number Verify using the one-time passcode that's sent to your phone number as a text message. Email Verify your email address using the one-time passcode that's mailed to you. Passkey Follow the on-screen instructions to configure a passkey for your device. Note: Your work mobile number and work email are used for the Phone Number and Email methods. The mobile number and email are stored in Oracle Fusion Cloud Applications and not in Oracle Cloud Infrastructure.
Set Up Additional Methods and Manage Them
After you enroll in a MFA factor, you can set up additional secure verification methods on the Security tab that opens in Oracle Cloud Console. Any time after enrollment, you can click the Manage Secure Verification link in your password preferences to return to the Security tab and set up additional secure verification methods or manage them.
Bypass codes are available as an additional authentication option. You can generate a bypass code and save it for later use, but you can use it only once. A bypass code comes in handy for you to sign in when your authenticator is unavailable for any reason like lost service or no service. You can also contact your administrator to get a bypass code.
After entering the username and password, if you can't use the MFA factor that was enrolled earlier, select the Try another way button to view the other MFA factors that are available for use. On selecting the Try another way button, from the remaining MFA factors that are available for you, select the MFA factor that you can use to sign-in to the application.
Select the Trust this device for 15 day(s) option to access the application without getting prompted to verify every time you sign-in, for the specified number of days.