How does progressive enrollment differ from traditional registration forms?

Progressive enrollment collects essential user information during initial registration and then prompts for additional optional attributes during subsequent interactions with the application. This approach reduces form abandonment by not overwhelming users with lengthy registration forms upfront, while still allowing organizations to enrich user profiles over time as users engage with the platform.

What happens if a passwordless user loses access to their authenticator device?

While the demo focuses on the enrollment process, passwordless users would need account recovery mechanisms configured by administrators. Organizations typically implement backup authenticators or recovery flows through enrollment policies that allow users to register multiple authentication methods, ensuring they can regain access if their primary authenticator is unavailable.

Elevating User Journeys in Okta Customer Identity

Name: Elevating User Journeys in Okta Customer Identity
Uploaded: 2026-05-08T19:18:16-04:00
Duration: 15 min 45 s
Description: Join us to learn about how you can leverage features in the Okta Customer Identity platform to elevate your users' experiences. Key topics include Self-Service Registration, Multiple User Identifiers, Passwordless Users, and Keep Me Signed In. Present...

Okta

05/08/2026

0 (0%)

Report Like Favorite

TL;DR

Okta Customer Identity Platform enables self-service registration with progressive enrollment, allowing organizations to collect user attributes incrementally rather than requiring all information upfront during registration.
Multiple User Identifiers feature lets users authenticate with up to three different attributes (username, email, or custom fields), reducing friction when users forget one credential but remember another.
Passwordless authentication eliminates password requirements by using authenticators like Okta Verify as the primary method, reducing password spray attack exposure and simplifying credential management.
Keep Me Signed In provides granular session management control, allowing users to stay authenticated on trusted devices while reducing unnecessary MFA prompts through configurable time-based policies.

Self-Service Registration and Progressive Enrollment

The session opens with a detailed walkthrough of Okta's self-service registration extensibility, demonstrating how organizations can create custom enrollment policies within the Customer Identity Platform. Mark Vong shows how to enable progressive profiling, which allows administrators to collect user attributes incrementally rather than overwhelming users with lengthy registration forms upfront. The demo illustrates configuring user profile policies, adding custom form fields, and implementing progressive enrollment that enriches user profiles as they navigate through the application. This approach balances security requirements with user experience by collecting essential information at registration while deferring optional attributes to later interactions.

Multiple Identifiers and Passwordless Authentication

The presentation explores two advanced identity features that enhance both security and usability. Multiple User Identifiers allows organizations to configure up to two additional attributes beyond the traditional username for user authentication, enabling users to sign in with either their username or email address. This flexibility reduces friction when users forget one credential but remember another. The passwordless authentication capability eliminates password requirements entirely by leveraging authenticators like Okta Verify as the primary authentication method. Vong demonstrates creating enrollment policies that require only authenticator-based verification, effectively removing passwords from the authentication flow and reducing exposure to password spray attacks while simplifying the user experience.

Session Management with Keep Me Signed In

The final segment addresses session persistence through Okta's Keep Me Signed In feature, which provides granular control over authentication frequency. Vong distinguishes between pre-authentication and post-authentication implementations, showing how administrators can configure policies that prompt users to stay signed in after successful authentication. This feature reduces unnecessary MFA challenges for trusted devices while maintaining security controls through configurable time limits. The demonstration shows the end-user experience where users can opt to remain signed in, reducing authentication friction for returning users while giving organizations control over session duration and device trust policies.

Chapters

0:00 - Introduction and Overview
0:29 - Self-Service Registration Extensibility
1:25 - Demo: Configuring Progressive Enrollment
3:57 - Multiple User Identifiers Feature
5:15 - Demo: Adding Email as Identifier
6:53 - Passwordless User Authentication
8:04 - Demo: Creating Passwordless Enrollment Policy
11:38 - Keep Me Signed In Feature
12:55 - Demo: Configuring Session Persistence
15:27 - Closing

Key Quotes

0:36 "The first I'd like to dive into would be self-service registration extensibility. And what you're seeing is the ability for us to create these custom policies within the Okta Customer Identity Platform in order to implement maybe something like progressive enrollment or even just enable self-service registration in general."
4:47 "Some major benefits include, you know, the ability for users to alternate identifiers when they go ahead and sign in. They might maybe forget their username. Well, they can sign in with their email, as well as allowing our administrators the ability to configure identifiers on a per-application basis."
7:41 "We can also reduce maybe costs associated with having to manage and recover passwords. All of that overhead typically is associated with having to manage multiple passwords at a time. And then we can also avoid the possibility of password spray attacks if there are no passwords."
12:07 "This essentially allows us to customize how frequently it pops up so that we can, you know, keep track of the user session, making sure that they don't necessarily have to, you know, reauthenticate if there is an active session currently within the browser."

Categories:

» Data Protection

Tags:

Show more Show less

Browse videos

Upcoming Webinar Calendar

05/12/2026

01:00 PM

05/12/2026

Transforming Black Box to Glass Box: Revealing Hidden Threats and AI Risks through Data Lineage

https://www.truthinit.com/index.php/channel/1895/transforming-black-box-to-glass-box-revealing-hidden-threats-and-ai-risks-through-data-lineage/
05/12/2026

11:30 PM

05/12/2026

Implementing Effective Strategies for Active Directory Security and Data Protection

https://www.truthinit.com/index.php/channel/1888/implementing-effective-strategies-for-active-directory-security-and-data-protection/
05/13/2026

01:00 AM

05/13/2026

Transforming the Black Box: Revealing AI Risks and Hidden Threats through Data Lineage

https://www.truthinit.com/index.php/channel/1890/transforming-the-black-box-revealing-ai-risks-and-hidden-threats-through-data-lineage/
05/13/2026

05:00 AM

05/13/2026

Transforming Black Box to Glass Box: Revealing AI Risks and Hidden Threats through Data Lineage

https://www.truthinit.com/index.php/channel/1894/transforming-black-box-to-glass-box-revealing-ai-risks-and-hidden-threats-through-data-lineage/
05/19/2026

01:00 PM

05/19/2026

Establishing a Robust AI Governance Framework for GenAI Throughout Its Lifecycle

https://www.truthinit.com/index.php/channel/1936/establishing-a-robust-ai-governance-framework-for-genai-throughout-its-lifecycle/
05/20/2026

10:00 PM

05/20/2026

APAC: Establishing an AI Governance Framework for GenAI Throughout the Deployment Process

https://www.truthinit.com/index.php/channel/1953/establishing-an-ai-governance-framework-for-genai-throughout-the-deployment-process/
05/21/2026

11:00 AM

05/21/2026

The Autonomous Era: Orchestrating a Resilient Enterprise

https://www.truthinit.com/index.php/channel/1372/the-autonomous-era-orchestrating-a-resilient-enterprise/
05/27/2026

04:00 AM

05/27/2026

Rivoluziona i rischi dell'AI in opportunità con Netskope AI Security

https://www.truthinit.com/index.php/channel/1925/rivoluziona-i-rischi-dellai-in-opportunità-con-netskope-ai-security/
05/28/2026

10:00 AM

05/28/2026

Harnessing AI: Transforming Perception into Purposeful Mastery

https://www.truthinit.com/index.php/channel/1924/harnessing-ai-transforming-perception-into-purposeful-mastery/
05/28/2026

01:00 PM

05/28/2026

AI in the Fast Lane: Effectively Managing AI Security for Small Teams

https://www.truthinit.com/index.php/channel/1951/ai-in-the-fast-lane-effectively-managing-ai-security-for-small-teams/
06/02/2026

01:00 PM

06/02/2026

Satori Spring: Insights from Recent Research on the 2026 Threat Landscape

https://www.truthinit.com/index.php/channel/1930/satori-spring-insights-from-recent-research-on-the-2026-threat-landscape/
06/04/2026

02:00 AM

06/04/2026

Mastering the Unseen: Managing Shadow AI and Agentic MCP Traffic

https://www.truthinit.com/index.php/channel/1948/mastering-the-unseen-managing-shadow-ai-and-agentic-mcp-traffic/
06/16/2026

07:00 AM

06/16/2026

Transforming Data Risk into Actionable Priorities: What to Address First

https://www.truthinit.com/index.php/channel/1952/transforming-data-risk-into-actionable-priorities-what-to-address-first/