Okta Frequently Asked Questions (FAQs)
Information 4.1 Technology partnered with the Information Security team and introduced Okta, a new, state-of-the-art multi-factor authentication (MFA) solution for business-critical networks and applications like Oracle and Office365. This will help to protect Light & Wonder's confidential and proprietary information from outside threats.
The questions and answers in this bulletin explain multi-factor authentication, introduce Okta, and describe the variety of ways users can access the platform.
1.0 What is multi-factor authentication (MFA)?
MFA is an industry standard for confirming a user's claimed identity by using something they know, i.e. a password, and a second factor incorporating either something they have, e.g. a mobile device, or something inherently unique to that individual, e.g. a fingerprint. An MFA event occurs when a user logs into a critical application or company network over a virtual private network (VPN) while away from the office.
2.0 What is Okta?
Okta is the world's leading provider of identity management. It is a single, integrated platform that offers secure access to enterprise applications and information via multi-factor authentication.
2.1 What browsers are supported by Okta?
Okta supports Chrome, Safari, and Edge.
2.2 What are the authentication methods offered by Okta?
All L&W employees will enroll in one or more of the authentication methods seen below.
2.2.a How do I register for more than one factor for Okta MFA?
- Login to https://login.lnw.com/
- Click on user profile, go to settings, click Edit Profile and re-login, then scroll down to Extra Verification and click Setup next to the factor you want to add and following instructions to finalize process.
- If you have any questions or concerns, please contact Service Desk (1-877-889-0933) or email service.desk@lnw.com.
2.2.b How do I reset Okta MFA or register on a new device?
Please contact Service Desk (1-877-889-0933) or email service.desk@lnw.com
2.3 How will the adoption of Okta affect me as an end user?
You will use your L&W email address as your username and your L&W network password when logging in to Okta.
You will be prompted to complete MFA every time you log on via a virtual private network (VPN).
Certain applications, e.g. Oracle EBS, and Blackline, will require MFA once every 12 hours.
2.4 What are my options for accessing Okta?
The sections below provide instructions for the various ways you can log on to Okta.
2.4 Accessing Through a Web Browser
1. Open a web browser and visit the https://login.lnw.com for logging in to L&W’s Okta portal.
2. If prompted, type your L&W email address in the Username field and your L&W network password in the Password field.
3. Click the downward-pointing arrow to the right of the symbol featuring the blue check mark.
4. Click one of the available options on the Select an authentication factor drop-down menu.
2.5 Accessing the Network via Cisco AnyConnect VPN
1. Open Cisco AnyConnect Secure Mobility Client.
2. Type your LnW email address in the Username field and your LnW network password in the Password field.
3. In the Cisco AnyConnect dialog, type the number corresponding with one of the available authentication methods in
the Answer field and click Continue.
4. Complete the necessary steps for the authentication method you chose in step 3.
NOTE: If you have not enrolled in Okta, Cisco VPN will provide popup window to guide you through the enrollment steps.
OR
You can enroll here: https://login.lnw.com
2.6 Remotely via Okta Mobile
Okta Mobile allows users to access enterprise applications from their mobile devices with a 4-digit pin code. It provides a high level of security while also offering users the convenience of a single login. Refer to section 7.0 for setup instructions.
2.7 How does it affect Vendors accessing internal applications using LnW provisioned VPN?
All vendors have to enroll into Okta (see Table-1 in FAQ) in order to access LnW enterprise applications or while using LnW
2.8 What if the VPN I am using is not listed in the FAQs?
You will not be prompted for Okta MFA. However, it is mandatory to enroll into Okta in order to access LnW Enterprise applications. \
If the VPN you are using is not listed in FAQ’s and is not managed by Corporate IT, the owner of that VPN (Any division) should reach out to Okta team ASAP via a ServiceDesk ticket. Okta team will work with you to on-board VPN accordingly.
2.9 How do I enroll in additional authentication options?
1. Log on to the Okta portal https://login.lnw.com
2. Click the downward-pointing arrow to the right of your name and click Settings.
3. Click on EDIT profile if the setup option below is grayed out.
4. Scroll down to the Extra Verification section.
5. Select the authentication method you want to set up and follow the instructions on your screen.
3.0 Which applications will require MFA?
Office 365 | Oracle EBS | Blackline | Workday | Salesforce | Concur | Jira | Jira ServiceDesk | Oracle Configurator | Oracle Planner | Shuffle Flex (Internal)
For most applications, the session will be valid for 12 hours and will not be promoted for MFA. Office 365 sessions will be valid for 60 days unless the user logs out of Outlook or changes their network password.
LnW Users will notice the following change in behavior while accessing O365 applications such as Outlook, OneDrive and Teams etc…
Once Okta is federated with Office 365 change federation, all Users will be asked to enter credentials, as authentication topology change.
1. Working outside office network – Not connected to Corporate VPN:
User will be prompted to enter credentials along with MFA initial
User will be prompted to enter credentials along with MFA every 12 hours thereafter
User accessing via Browser will also be impacted in same way.
2. Working outside office network-Connected to Corporate VPN:
User will be treated as in-office network.
No Credentials pop-up will happen.( may have to re-lauch application after connecting to VPN)
3. Working inside office network
No Credentials will be asked login
Additional Questions:
4. Will I be asked to login on my Mobile device?
Mobile devices are excluded from all of the above policies. You will be prompted to enter credentials only when you change your password.
5. Will I be asked to enter credentials once I reach home from Office?
Yes, you will be prompted to enter credentials. Ideally, users are encouraged to login to VPN and then relaunch all applications to avoid any login prompts.
6. I normally work from home, what should I do?
If you work from home all the time, we recommend you connect to VPN first and then launch all Office apps to avoid credential popup.
7. Yammer, Teams are not taking password after 12 hours, what should I do?
If any applications do not work as expected after 12 hours please sign-out from application and re-open that should fix the issue or quit all applications , connect to VPN and launch the application.
8. I do not see any of my mapped mailboxes when I go through Login Portal and use Outlook from there.
Please note that, when you use the browser version of Outlook via the portal, you will not see mapped mailboxes. The browser version is for emails only. Use the Outlook client in order to see all the mapped mailboxes
3.2 Oracle EBS Application Access
Users are required to perform Multi-Factor Authentication Once Every 12 hours while accessing the application as mandated by Corporate Security team
LnW Users
1. Accessing Via the Okta Portal:
When the user goes to Okta portal they will be automatically logged into Okta.
Once logged into Okta portal, users will be prompted for Okta MFA while accessing Oracle EBS
2. Accessing Via the EBS Bookmark or Link:
User will be prompted for Okta MFA
3. What happens to Oracle One Login?
Users should no longer use OneLogin but can continue to use bookmarks as they are unchanged
3.3 What is the process to ON-BOARD an application into Okta portal for MFA?
Initiate a ServiceDesk ticket. LnW Okta team will work with you to on-board your application for MFA
3.4 How does it affect me if I am using my personal laptop to access LnW applications?
LnW security team has to provide clearance in order for you to use personal laptop to access LnW property [OR] You will have to request for LnW laptop
You will have to enroll into MFA in order to access enterprise applications.
3.5 How do I reset my network password?
Although Okta maintains all Active Directory passwords, you will have to follow the existing process for all password reset requests. If you currently initiate a Service Desk ticket, continue to do the same.
3.6 Who will get YubiKey?
YubiKey provides more stricter Muti-Factor authentication for users that accesses secured information or production servers etc…(Ex: Executives, Systems teams etc..). For general population, this is optional and they should enroll into other MFA options presented to them.
3.7 What do I do if I lose my Yubikey?
Immediately report the loss to your manager and create a Service Desk ticket.
3.8 Can I install Okta Verify on two mobile devices?
No. If you want to switch Okta Verify from one device to another, create a Service Desk ticket. After an Okta Admin deactivates your old device, you can set up Okta Verify on your new device.
3.9 What should I do if I lose my mobile device?
Immediately report the loss to your manager and create a Service Desk ticket.
4.0 Who should I contact if I experience any issues with Okta?
Please reach out to your local helpdesk and raise a ticket for Okta support team. For emergency issues, you can reach out Corporate-OktaSupport@lnw.com
LnW strongly recommends using Okta Verify as your primary authentication method. Okta Verify is fast, easier to use than other methods, and provides automatic Push authentication prompts.
1. Open a web browser and visit https://login.lnw.com.
2. On the Okta Sign in screen, type your LnW credentials in the Username (corporate email), Network Password and click Sign in.
3. On the Set up multifactor authentication screen, click Configure factor under the Okta Verify section.
4. On the Setup Okta Verify screen, click the appropriate icon for your mobile device under the Select your device type subsection.
5. Click Next.
6. On your mobile device, open:
a. The Apple App Store if you have an iOS device.
b. The Google Play Store if you have an Android device.
7. Search for and install Okta Verify.
8. Open Okta Verify on your mobile device.
9. On the Welcome to Okta Verify screen, tap Add Account.
10. Use your mobile device to scan the barcode on your computer screen.
11. On the Setup Okta Verify screen, click Next.
An Okta Verify code appears on your mobile device.
12. Type the code from your mobile device in the field on the Setup Okta Verify screen and click Verify.
[OR]
13. Click on ‘SEND PUSH’
14. A pop-up (sample below) appears on your mobile phone. Click on ACCEPT.
6.2 SMS Authentication Setup
1. Complete step 1 and step 2 from the Okta Verify Setup section.
2. On the Set up multifactor authentication screen, click Setup under the SMS Authentication section.
3. On the Receive a code via SMS to authenticate screen, type your phone number in the Phone number field.
4. Click Send code.
5. On the Receive a code via SMS to authenticate screen, type the code that was sent to your mobile device in the Enter Code field.
6. Click Verify.
6.3 Voice Call Authentication Setup
1. Complete step 1 and step 2 from the Okta Verify Setup section.
2. On the Set up multifactor authentication screen, click Setup under the Voice Call Authentication section.
3. On the Follow phone call instructions to authenticate screen, enter your phone number in the Phone number field.
4. Click Call.
5. Answer the call you receive at the phone number you provided in step 3.
6. Type the code you receive from the phone call in the Enter Code field on the Follow phone call instructions to authenticate screen.
7. Click Verify.
6.4 Security Question Authentication Setup
1. Complete step 1 and step 2 from the Okta Verify Setup section.
2. On the Set up multifactor authentication screen, click Setup under the Security Question section.
3. On the Setup secret question authentication screen, select a question from the drop-down menu.
4. Type your response in the Answer field and click Save.
6.5 Remotely via OpenVPN
The only authentication method available to Digital users seeking VPN access via OpenVPN is 1 – Okta Push. Digital users can use any of the available authentication methods to access the Okta portal and enterprise apps therein.
SciGames users will continue using their native second authentication method (YubiKey) for VPN access. However, SciGames users should use one of the Okta authentication methods to access the Okta portal after logging in to the VPN.
6.6 Remotely via Web Browser
If you access any of LnW’s enterprise apps via web browser from outside of the network, you will be prompted to complete one of your available authentication methods for accessing the Okta portal.
6.7 Remotely while Traveling without Network Connectivity
If you are traveling and your mobile device does not have network connectivity, you still have an authentication method available. The Okta Verify mobile app provides a six-digit, rotating code that can be used to access the Okta portal despite your mobile device being offline.
Follow the steps below to use your mobile device for MFA when it is offline.
1. Open a web browser and visit https://login.lnw.com.
2. Type your LnW credentials in the Username and Password fields and click Sign in.
3. Select Okta Verify as your authentication factor and click Or Enter Code.
4. Open Okta Verify on your mobile device.
5. Type the six-digit code from the Okta Verify app in the Enter Code field.
Okta Mobile
Okta Mobile allows users to access enterprise applications from their mobile devices with a 4-digit pin code. It provides a high level of security while also offering users the convenience of a single login.
7.0 Setup Okta Mobile
1. Download and install Okta Mobile from the Apple App Store.
2. Open Okta Mobile on your mobile device.
3. Type LnW in the First Box (In case of Android) OR Enter URL https://login.lnw.com (in case of IOS
4. Type your LnW credentials in the Username (company email) and Password fields.
5. On the Setup a new Okta PIN screen, type a new four-digit PIN.
NOTEFingerprint optional
7.1 Launching Apps via Okta Mobile on iOS
1. To access apps via the built-in browser, tap the mobile menu button in the top-left corner of the screen.
2. Tap My Apps.
3. Tap the corresponding icon to access the apps you want to use.
NOTEApps are organized using the same tab system as on the traditional Okta interface.
7.3 Okta YubiKey Setup
1. Login to the Okta portal (https://login.lnw.com).
2. Click the downward-pointing arrow to the right of your name and click Settings.
3. Click on EDIT profile
Enter Password and perform Okta Sign-in using already enrolled MFA type
4. Scroll down to the Extra Verification section
5. Select the authentication method YubiKey.
6. YubiKey verifies and logs into portal
7.4 Will there be an Okta desktop icon and bookmark pushed to my machine?
Yes, users will automatically have the icon/bookmark pushed to all users machines.