Sign in with a quick glance or touch 

Posted by

MSU IT is advancing operational excellence and improving the multifactor authentication user experience with passwordless authentication for users with compatible devices. You can now use your face or fingerprint to sign in to MSU applications and systems using the same technology that unlocks your phone or laptop. 

Okta FastPass is available on the MSU login screen. Passwordless authentication, like FastPass, is a new security method that uses the Okta Verify app and your device’s hardware, like Windows Hello and Apple Face ID or Touch ID, to log in instead of a password. 

New login screen

Screenshot of new login screen showing the new FastPass button as an option.

Try this new security method by following the steps below. Some Windows devices may not have the hardware required for facial or fingerprint recognition. These devices would instead use a PIN, which tends to be fewer characters than a standard password and is more secure.

Benefits include: 

  • Simplified MSU login process 
  • Reduced phishing attempts 
  • Enhanced user and institutional security  

Okta FastPass is available for personal (and unmanaged MSU devices), and each unit and college’s IT support team will determine when they will be available on each MSU-managed device based on their respective policies. 

Frequently asked questions

  • Can I use Okta FastPass to sign in to my computer? 
    • No. FastPass integrates with Windows Hello on Windows devices, which may change the log in experience to your computer, but FastPass itself is only used for accessing MSU applications and systems
  • Will setting up Okta FastPass change how I sign in to my computer?
    • Maybe. Setting up FastPass requires setting up Windows Hello for Windows devices. If your machine is not currently using Windows Hello to sign in, you will be prompted first for Windows Hello options to log in to your device. You can choose not to use Windows Hello options. If you have a macOS device your sign in experience will not change.
  • Can I use Okta FastPass without the Okta Verify app? 
    • No. FastPass is one of several MFA options to choose from when logging in with the Okta Verify app. 
  • Am I required to use this new feature? 
    • No. This feature is completely optional and may be enabled or disabled at any time.
  • Will this work on any device I use?
    • No. This technology relies on data stored locally. It will work on the device it is configured on.
  • Can I use Okta FastPass if my device does not have compatible biometric hardware?
    • Yes. Instead of looking at your camera or placing a finger on a fingerprint reader, you can sign in with a PIN/password option. This tends to be fewer characters and is still more secure than a standard password. Alternatively, an external webcam with infrared technology or an external fingerprint reader can be added to a computer that doesn’t have the appropriate built-in hardware.
  • Is this the only factor I need to register for multi-factor authentication?
    • No. More than one factor is recommended, especially for instances when you’re using a different device or when you’ve received a new device and do not have access to the old registered device.
  • Is Okta FastPass safe and secure? 
    • Yes. Your image or fingerprint is converted and encrypted into a very complex “code,” making it exceedingly more secure than a conventional password/passphrase. Additionally, it makes phishing attempts by cybercriminals considerably more difficult since this “code” is virtually impossible to recreate without your participation. 
  • Does Okta FastPass, Windows Hello, or Apple Face ID/Touch ID save or store my biometric data? 
    • No. Windows, Apple and Okta rely on the data (face or fingerprint) you choose to use and is encrypted and stored locally on your device.  
      • Windows: “The biometric data used to support Windows Hello is stored on the local device only. It doesn’t roam and is never sent to external devices or servers. This separation helps to stop potential attackers by providing no single collection point that an attacker could potentially compromise to steal biometric data.” 
      • Apple: “Your fingerprint or face data is converted into a mathematical representation that is encrypted and used only by the Secure Enclave in your Mac, iPad, or iPhone. Since fingerprint and face data is so personal, your device takes extraordinary measures to protect it. This data can’t be accessed by the operating system on your device or by any applications running on it. And it is never stored on Apple servers or backed up to iCloud or anywhere else.”
  • Additional Okta FastPass FAQs 
Share: