Your security image gives you additional assurance that you are logging into your Okta Cloud Area Network, and not a fraudulent website. If you don't recognize your security image then do not enter your username or password.
Read below on how to detect whether or not you have arrived at a fraudulent website.
Look at the URL in your browser's address bar. Your URL should look like this:
Make sure the part after cbs says okta.com, also known as the domain. The domain lets you know you are accessing your organizations secure site.
Depending on the browser you use, you should see a lock icon either at the bottom (Internet Explorer, Firefox) or top (Chrome, Safari). The lock icon represents a security protocol used to protect your organization's site called Secure Sockets Layer (SSL).
You'll see a question mark image in the following situations:
If you check the Remember me box, your username is pre-filled the next time you sign in to your organization's site using this computer and browser. In addition, your security image appears when the sign-in page initially displays. Your security image does not initially display if Remember me is not checked.
We recommend unchecking Remember me if you are using a public computer.
This happens if you recently deleted your browser cookies.
This is likely caused by your browser settings. To prevent this behavior, disable your browser's form autocompletion feature for this site.