Reveal Password requires BOTH okta pwd and MFA push

Currently for someone to view a password on a chiclet they must provide their okta directory password and confirm a MFA push before the password is revealed.

As the okta session is already authenticated making it possible to click the chiclet and use the associated password why am I asking my customers to provide both? Wouldn’t proof of something they have (MFA push) be enough to prove it’s them and show the chiclet password?

Hi Steve, it sounds like you’re asking about a product feature. I would recommend submitting your suggestion at the Okta Ideas forum.