How to Use the FAQ Page
・Browse by Category
Topics are organized into categories based on the nature of your question.
The FAQs in each category are grouped in an expandable format. Click a category to expand and view the items.
・Search via Table of Contents
If you cannot find a suitable category, a Table of Contents containing only the questions is provided below the category list.
Please check there to find the relevant question.
(Keio.jp authentication is required for access. )
FAQ
■I can no longer log in using the passkey authentication from the Google Password Manager registered with keio.jp's multi-factor authentication.
■When logging into keio.jp, a field appears to enter the Google Authenticator code, but I cannot find the code.
Yes. To help protect your important information and data, all users are required to set up MFA by the deadline assigned to them.
MFA is introduced to strengthen security and protect your data (and the data of the institution).
If MFA is enabled on keio.jp, all applications using keio.jp authentication will require MFA. No additional settings are required on the app side.
You can temporarily disable MFA (see "Temporarily disable MFA").
As identity verification is required to disable MFA, please check the website below and contact us.
・Inquiries
https://www.itc.keio.ac.jp/en/keiojp_manual_contact.html
Please note that in computer labs managed and operated by KIC, users can sign in using a password only.
■MFA is enabled, but the MFA screen does not appear when logging into keio.jp on classroom PCs.
You can temporarily disable MFA (see "Temporarily disable MFA").
As identity verification is required to disable MFA, please check the website below and contact us.
・Inquiries
https://www.itc.keio.ac.jp/en/keiojp_manual_contact.html
Please refer to "What should I do if I change or replace the smartphone or tablet registered as my authentication factor?".
Please quickly perform remote locking, line locking, and usage suspension procedures (please refer to the website of each carrier for details).
Furthermore, if you need to "Temporarily disable MFA", please check the contact information for the respective support desks.
No. Even if MFA is enabled, under the current system, MFA is not required when connecting to campus Wi-Fi (keiomobile2/eduroam) (it remains as before).
Both Multi-Factor Authentication and Multi-Step Authentication involve multiple authentication steps. Multi-Factor Authentication uses multiple "factors" (knowledge, possession, biometrics) for authentication. On the other hand, a two-step authentication with knowledge-based information such as ID/password followed by a security question is performed twice but uses only one "factor" of knowledge information. Therefore, Multi-Factor Authentication is considered safer, even with the same number of authentication steps.
Please refer to "Deactivate MFA (Only during trial period)."
Due to system specifications, MFA is required as long as at least one authentication factor is registered, even if MFA has not been explicitly enabled.
For the smooth running of classes, the MFA screen is not displayed when logging into keio.jp from classroom PCs.
The required steps depend on whether you have other authentication factors registered besides the device you replaced. Please follow one of the procedures below according to your situation.
a. There are other registered FIDO/TOTP/Phone numbers besides the one being replaced, and MFA is possible. → You can handle it yourself
a-1. Register the new device under "Add Authentication Factors"
a-2. If necessary, delete the old device under "Delete Authentication Factors"
b. No other FIDO/TOTP/Phone numbers are registered besides the one being replaced, and MFA is not possible. → Consultation with the respective support desks is required.
b-1. Refer to "Temporarily disable MFA" and, after consulting with the respective support desks, temporarily disable MFA.
b-2. Use "Multi-Factor Authentication via Keio Mail" to register the new device under "Add Authentication Factors"
b-3. If necessary, delete the old device under "Delete Authentication Factors"
Please log in again from the keio.jp login URL (https://keio.jp/) and then proceed to the application you wish to use.
If you are accessing the site via a bookmark, please recreate it.
Please log in to the Multi-Factor Authentication (MFA) settings page and verify the following two points.
1. Ensure that "multi-factor authentication" in the "Personal Settings" section is set to "Enable."
2. Ensure that your configured authenticators (Phone, Okta Verify, etc.) are listed in the "Security Methods" section.
・Procedure for Verifying Multi-Factor Authentication Settings
Since apps (such as Okta Verify) are device-specific, you will need to re-register them on your new device. If your phone number remains unchanged, you can log in using SMS authentication and register your new device. Therefore, we strongly recommend always registering your phone number (SMS) as a precaution.
Please refer to the following pages for re-registration instructions:
・Procedure for keio.jp users on smartphones
・Procedure for keio.jp users on computers
・MFA setup procedure for combined PC and smartphone use
At a minimum, if you have SMS authentication or Okta Verify registered on your smartphone, you can use your smartphone for authentication when logging in from other devices. However, if your computer itself has biometric authentication (such as Windows Hello), registering a "passkey" on that device is convenient because you can log in without having to take out your smartphone.
As a precaution, it is strongly recommended that you always register a phone number (SMS) as a backup.
The keio.jp Multi-Factor Authentication Chatbot is available only with your keio.jp account.
If you are logged in to your browser or other Google-related services with an account other than keio.jp, please log out and log in with your keio.jp account before using this service
As long as you have an environment where you can connect to the internet by any means, you can use Keio.jp's multi-factor authentication (MFA) without any issues.
However, please note the following points:
(1) Please note that registration or verification may not be completed for overseas phone numbers due to the following reasons.
Due to telecommunications conditions in certain countries or regions, as well as system-side risk assessments, the delivery of authentication codes (via SMS or voice) may not occur successfully.
During periods when your Japanese phone number is unavailable, such as while traveling or studying abroad, please temporarily refrain from using phone/SMS-based MFA authentication or registering with an overseas phone number. Instead, consider utilizing alternative authentication methods (Passkey, Okta Verify, or various Authenticator apps).
(2) When using TOTP (Google Authenticator/Microsoft Authenticator, etc.), it is essential that the time on your PC or smartphone is set correctly.
A common issue occurs when users believe they have adjusted to local time, but the time zone remains set to Japan, resulting in an incorrect time.
Nowadays, setting the time to "automatic" is generally sufficient, so we recommend setting it to "automatic."
[Reference]
・Set the time, date, and time zone settings in Windows
・Set the date and time automatically on your Mac
・Android: Set time, date, and time zone
・Change the date and time on your iPhone
Yes, you can. Please refer to Add Authentication Factors.
TOTP, device biometric authentication, Okta, and other methods can be registered.
Please refer to the following pages for setup instructions.
・Procedures for users accessing keio.jp from a computer
・Install "Okta Verify" on your PC.
Yes, you can. (Reference: Delete Authentication Factors)
If you have registered an authentication factor other than your phone number, you can change it yourself.
Please reset it using the URL below.
https://keio.okta.com/signin/forgot-password
If you are resetting your password via the keio.jp portal site, please follow the steps below to reconfigure it.
・How to change passwords for non-students (faculty, staff, etc.)
・How to Change Your Password (For Students)
If the above does not resolve the issue, please refer to the following site.
If you have checked the site above and are still unable to log in, you will need to reset your password.
Please review the site below and contact us.
There are several numbers used for SMS sending or voice call initiation from this service, which are randomly selected.
Due to system specifications, it will take about one day after the change before you receive the notification again. Please check if you receive the notification again after about one day has passed.
Yes. You can register multiple phone numbers at the same time. Depending on your needs and environment, you may register the following:
- Smartphone / mobile phone: Authentication is available via SMS or voice call
- Landline phone: Authentication is available via automated voice call
Important notes for overseas (non-Japanese) phone numbers
Please be aware that registration of overseas phone numbers may fail in some cases.
Due to regional telecommunications conditions and system risk controls, authentication codes (SMS or voice calls) may not be delivered successfully.
If authentication cannot be completed successfully, the phone number cannot be registered.
For users planning to study abroad
If you expect a period when your Japanese phone number will not be available (such as during travel or study abroad), we recommend postponing overseas phone number registration and instead using an alternative authentication method, such as an authentication app.
It is possible that a spam filter or a "Screen Unknown Senders" feature is enabled.
Please refer to the manuals provided by your mobile carrier to verify your settings.
・Docomo(日本語/Japanese)
https://www.docomo.ne.jp/info/spam_mail/sms/
・au (日本語/Japanese)
https://www.au.com/mobile/service/sms/filter/
・Softbank(日本語/Japanese)
https://www.softbank.jp/mobile/support/mail/antispam/mms/
This difference stems from the "storage location" and "synchronization status" of your biometric credentials (passkeys).
・When Google Password Manager appears: This means the passkey is linked to your Google Account and stored in "Google Password Manager".
・When "Android..." is displayed: This means it is not synced with your Google Account and is stored directly in a "secure area specific to the Android device you are using."
Main reasons for the difference in display
・OS version and settings: In environments where passkeys are standardized, such as Android 14 and later, Google Password Manager tends to be suggested as the storage location by default.
・Selection during registration: This depends on whether you chose your Google Account or the device itself when prompted to "Use another device" or "Choose where to save" during registration.
・Browser behavior: The result varies based on whether Chrome prioritizes one option over the other, depending on its current sync status and security settings.
Please check the password manager's management screen (chrome://password-manager/passwords).
The account registered is the one where "keio.okta.com" appears in the password field.
・If "keio.okta.com" is not registered in Google Password Manager
It may be set up for another account. Please switch to the account you believe it was set up for and try logging in to keio.jp.
・If "keio.okta.com" is registered in Google Password Manager
There may be an issue with your settings. Please log in to keio.jp using another multi-factor authentication method and reset the Google Password Manager authentication.
1. Refer to the Multi-Factor Authentication Setup Manual (Removing an Authentication Factor) and delete your current Google Password Manager settings.
2. Refer to the Google Password Manager Registration Manual and re-register.
※ When re-registering, it will be linked to the "Google account currently logged in to your browser."
Please confirm beforehand that you are logged in with the account you wish to register.
On Android, the Google account registered on the device takes priority.
・If "keio.okta.com" is registered in Google Password Manager
There may be an issue with your settings. Please log in to keio.jp using another multi-factor authentication method and reset the Google Password Manager authentication.
1. Refer to the Multi-Factor Authentication Setup Manual (Removing an Authentication Factor) and delete your current Google Password Manager settings.
2. Refer to the Google Password Manager Registration Manual and re-register.
※ When re-registering, it will be linked to the "Google account currently logged in to your browser."
Please confirm beforehand that you are logged in with the account you wish to register.
On Android, the Google account registered on the device takes priority.
・If you cannot log in to keio.jp
You can temporarily disable MFA (see "Temporarily disable MFA").
As identity verification is required to disable MFA, please check the website below and contact us.
・Inquiries
https://www.itc.keio.ac.jp/en/keiojp_manual_contact.html
If the app doesn't launch properly from your browser, try manually adding your account using the "+" button within the app.
"Select Account Type" -> "Company Name"
"Add an account from another device?" -> "Skip"
"Do you have a QR code?" -> "No, sign in"
"Your organization's sign-in URL" -> keio.okta.com
The keio.jp login screen will appear; please log in
"Enable biometric or passcode verification?" -> "Enable"
"Set as default Okta FastPass account?" -> "Set as default"
If the above does not resolve the issue, uninstall Okta Verify once and try setting it up again from the beginning.
Depending on the environment, there may be cases where Okta Verify cannot be properly installed.
This issue has been reported in the following scenarios:
・Use of a VPN
・Interference from iCloud Private Relay (on Apple devices)
・Interference from security/antivirus software
Please check the settings above and try using Okta Verify again with these services temporarily disabled.
If the issue persists, please register and use an alternative factor, such as a Passkey (Security Key or Biometric Authenticator).
Is the time on your device (PC/smartphone/tablet) accurate? Is the time zone set to a different region, and only the time is set to Japan Standard Time?
TOTP calculations use time information. If the clock on your device is incorrect, TOTP will not be calculated correctly, and you will not be able to log in. It is recommended to set the clock on your device (PC/smartphone/tablet) to automatic.
Please verify that the one-time password for keio.okta.com is displayed in the Google Authenticator or Microsoft Authenticator app.
For Apple products, please check if the one-time password is displayed in the code for "Password (Apple's password management app)".
If multiple one-time passwords are displayed, please verify the one-time password showing the title and username you registered yourself.
If the code cannot be found using the above verification method, the appropriate action depends on whether you have an authentication factor other than Google Authenticator. Please follow one of the following procedures based on your situation.
a. You have registered FIDO/biometric authentication, Okta, phone number, or other methods in addition to Google Authenticator, enabling multi-factor authentication (MFA). → You can handle this yourself
a-1. Delete the authentication factor in Google Authenticator
a-2. Register Google Authenticator via "Add authentication factor"
b. No FIDO/biometric authentication, Okta, phone number, or other methods are registered besides Google Authenticator, making multi-factor authentication (MFA) impossible. → Consultation with the respective support desks is required.
b-1. Refer to "Temporarily Disabling Multi-Factor Authentication (MFA)" and, after consulting with the respective support desks, temporarily disable MFA.
b-2. Delete the authentication factor in Google Authenticator
b-3. Use "Multi-Factor Authentication (MFA) via Keio Mail" and register Google Authenticator under "Add Authentication Factor"
※We recommend adding multiple authentication factors.
目次
Please refer to the following pages for frequently asked questions regarding Multi-Factor Authentication .
・Multi-Factor Authentication – FAQ
Before contacting us regarding keio.jp MFA, please try our chatbot (Keio.jp authentication is required for access. )。
・keio.jp MFA Dedicated Chatbot
If the FAQ or chatbot does not resolve your issue, please contact us using the form below.