Okta Is Coming
Overview

JMU Information Technology (IT) is currently implementing Okta, a modern, cloud-based, Identity and Access Management (IAM) platform that will replace Duo. Simply put, once Okta goes "live," it will:

  • Manage all eIDs and passwords at JMU and provide secure access into every major system
  • Provide a jumping-off point called MyJMULogin from which you can access many JMU systems
  • Handle multi-factor authentication (MFA) for your account through the Okta Verify app

Please read the information below to learn important actions you need to take to be ready for the go-live date.

Differences between Duo and Okta

There are multiple major differences of which you should be aware:

  • Okta uses the Verify app for MFA instead of the Duo Mobile app you have used in the past.
  • With Okta, you will only need to change your password once per year.
  • After moving to Okta, JMU will introduce a new password standard of at least 16 characters.
  • With Okta, SMS (text messages) will no longer be accepted as an authentication factor (see FAQ below).
  • If you currently have a Duo hardware token (sometimes called a D100), you must exchange it for a Yubikey. These devices will soon be available; look for upcoming details regarding obtaining one.
How and when do I enroll in Okta Verify?

Refer to the Enrollment Schedule on this page to determine when your enrollment window opens. When your enrollment window opens, an email will be sent to your JMU email address that will prompt you to begin enrollment.

Enrollment from a Computer:

  1. In the Okta activation email (sent to your JMU email with subject, "Welcome to JMU Okta!"), click the Activate Okta Account link. If the link has expired, do ONE of the following:
    1. If you have a JMU eID/password: visit MyJMULogin at https://mylogin.jmu.edu and enter your credentials to begin enrollment.
    2. If you only have Alumni email: request a new activation link, wait for a new email, and visit the new link.
  2. If you have a JMU eID/password, skip to step 3. If you only have Alumni email, click Set Up and set your Okta password before proceeding to step 3.
  3. Click Set Up under the Okta Verify description.
  4. A QR code will appear. Keep this screen open.
  5. On your smartphone, download the Okta Verify app from the App Store (iOS) or Google Play (Android).
  6. Once downloaded, open the app, click Get Started and click through the next two prompts.
  7. After clicking Add Account, select Organization (Work, school, company) as the Account Type.
  8. Skip Add Account from Another Device.
  9. On the Do You Have a QR Code? screen, click Yes, Ready to Scan.
  10. Scan the QR Code from Step 4.
  11. Finish the setup process. (JMU recommends that you Allow Notifications for push authentications)

 

Enrollment from a Mobile Device:

  1. Download the Okta Verify app from the App Store (iOS) or Google Play (Android).
  2. In the Okta activation email (sent to your JMU email with subject, "Welcome to JMU Okta!"), click the Activate Okta Account link. If the link has expired, do ONE of the following:
    1. If you have a JMU eID/password: visit MyJMULogin at https://mylogin.jmu.edu and enter your credentials to begin enrollment.
    2. If you only have Alumni email: request a new activation link, wait for a new email, and visit the new link.
  3. If you have a JMU eID/password, skip to step 4. If you only have Alumni email, click Set Up and set your Okta password before proceeding to step 4.
  4. Click Set Up under the Okta Verify description.
  5. Select whether you want to be sent an email enrollment link or a text message enrollment link.
  6. When you receive your email or text message, click the enrollment link inside.
  7. Finish the setup process. (JMU recommends that you Allow Notifications for push authentications)
What Happens Next?

Once you've enrolled into Okta Verify with at least one device, you're ready! Do not remove Duo Mobile from your device(s) - Duo will continue to authenticate logins until Okta goes live during Spring Break. Okta Verify will automatically take over at that time. If you need to enroll a second device or a hardware token, or if you replace a device you've enrolled (e.g., you get a new phone), please return to Okta to update your information or reach out to the IT Help Desk for assistance.

Where can I get Help/Support?

Information Technology Help Desk at (540) 568-3555, IT Service Portal or helpdesk@jmu.edu

Ask a Question

Report an Issue

Search for Answers

Please see additional frequently asked questions below.

Enrollment Schedule

Upcoming Phases

02/04/25: December 2024 Graduates (who did not re-enroll)

02/11/25 through 2/20/25: Current Students

02/25/25 and 03/04/25: Applicants and Matriculated Students

 

Completed Enrollment Groups

All employees, emeriti, affiliates, Board of Visitors, and alumni (graduates prior to Dec. 2021)

Missing your enrollment email?  Here are some simple enrollment steps.

 

Updated 1/9/2025

Related News
What is MFA or Okta?
Video Play Button Okta Intro Video
Okta Sneak Peek
Video Play Button Okta Sneek Peek
Frequently Asked Questions (FAQs)

Starting March 17, 2025, JMU eID holders will no longer be able to use text messages containing a one-time passcode for multifactor authentication. 

With Duo, users could receive a text message with a passcode as an alternative to receiving a Duo push notification to complete the authentication prompt. Okta Verify will not support this type of authentication. 

Text-based authentication has become less secure than other available methods, so the Identity and Access Management industry is moving away from this method to keep accounts safe.

If you do not have a smartphone, then you will have to use an Okta hardware token, known as a Yubikey, to authenticate your logins.  Your Duo-branded hardware token will no longer work with Okta.  Information about exchanging Duo tokens for Yubikeys will be sent to token users soon.

Anyone can obtain an Okta hardware token, know as a Yubikey, as an alternative to authenticating on a smartphone (Note: this is the only way to authenticate without a smartphone). Once available, anyone with a current Duo token can exchange it for a Yubikey. JMU employees without a Yubikey can also obtain one free of charge. Please look for upcoming communications about Yubikey availability and exchange instrutions.

Yes, unless you request a change. Following Spring Break 2025, JMU will move to a revised eID format for all new users (new students, new employees, new affiliates). While the current eID format is based upon the user's name, the new eID will be randomized and non-identifiable. If you currently have an eID based on your name, you will not be required to change it. More information about the new eID format is coming soon.

Currently, eID change requests are on a pause due to Okta implementation. Following Okta go-live and a brief, subsequent testing period of the new eID change process, request processing will resume. Any individual who requests an eID change will receive a new eID in the new format (see previous FAQ question). Any eID changes are granted on a one-time, non-reversible basis and can be requested for any reason.

To request a new eID:

  • Employees, please contact the Office of Human Resources.
  • Students, please contact the Office of the Registrar.
  • Anyone with both jmu.edu and dukes.jmu.edu email addresses must request changes to both offices.

Related: University Policy 1345 Legal and Chosen Names 

If you report a legal name change to the University, you are not required to change your eID, nor does it happen automatically - a change must be requested.

There are several key benefits to the Univeristy using Okta, several of which are based around security and simplicity.

Okta will provide a service called MyJMULogin that will serve as a central location or web application from which you can access many JMU-specific sites and accounts. This service will minimize the amount of times you will need to log in and authenticate.

In addition, while password requirements are being modified to match Identity and Access Management Standards, you will not have to update your password as frequently. 

Realizing the impact of this project, Information Technology carefully chose the Okta go-live date and vetted the timing with senior leaders across the UniversityAlternative dates were considered, but none presented fewer or less significant challenges than the chosen date. The choice of Spring Break attempts to minimize disruptions, allows a long enrollment window, and provides everyone an opportunity to get help between go-live and the resumption of classes.

Back to Top
Information Technology
Massanutten Hall
MSC 5733
1031 South Main Street
Harrisonburg, Virginia 22807