Multifactor Authentication
OMES is activating multifactor authentication (MFA) for Zscaler in a partnership with Microsoft to provide one MFA solution for multiple tools.
What and Why?
Zscaler is the virtual private network (VPN) login your computer uses to access the secure Oklahoma network. Adding MFA to Zscaler provides an extra layer of security for accessing critical state data.
Microsoft Authenticator will become the MFA solution for not just Zscaler, but Microsoft 365 and state computer access. Moving to one MFA solution for many tools helps simplify authentication.
How Do I Sign Up?
Any state employee who uses our VPN login software, Zscaler, to access data and applications will be impacted.
- Log into your account at https://aka.ms/mfasetup.
- You may be prompted to verify your identity. If you haven’t seen it before, this is part of the new Microsoft MFA. Select one of the options available.
3. Complete the authentication process and you should arrive at the Security info screen. It is possible you will be prompted multiple times to verify your identity. On the Security info screen, select Add sign-in method.
4. Select the drop-down arrow and choose Authenticator app, then select Add.
5. If you don’t already have it, install the Microsoft Authenticator app on your phone. You should be able to search for Microsoft Authenticator in your phone’s app store. Make sure it has a symbol that looks like the one on your screen. Select Next to continue.
6. Follow the prompts on your screen to complete the Microsoft Authenticator app set up.
7. Follow the prompts on your screen to complete the Microsoft Authenticator app set up.
8. Tap on Scan QR Code in the Microsoft Authenticator app (allow to use camera if prompted) and scan the QR code that is presented on your computer screen. See example below (your QR code should be different).
9. You should see a screen on your phone like the one to the left.
10. Tap Finish on your phone screen and you should see your work account listed in the Authenticator app.
11. Select Next in the Microsoft Authenticator window on your computer screen.
12. You may experience a situation where the Microsoft Authenticator setup has timed out on your computer and you are prompted to scan another QR code. If you see your work account listed in the Microsoft Authenticator app on your phone, you can disregard this and close the small Microsoft Authenticator window on your computer.
13. You should be back at the Security info window on your computer.
14. To change your default sign-in method from phone to Microsoft Authenticator, select the Change link next to Default sign-in method.
15. Select the drop-down arrow on the Change default method screen and select Microsoft Authenticator – notification from the list.
16. At this point, you should have successfully configured Microsoft Authenticator and set it as the default sign-in method.
Need help?
If you have any questions about setting up the Microsoft Authenticator app, please contact the OMES Service desk at servicedesk@omes.ok.gov or 405-521-2444.