James Harrington avatar


Okta reveals security flaw allowing bypass of authentication for long usernames


Okta has announced a security problem in its system that allowed some users to log into their accounts without entering the correct password. This issue occurred if a username was 52 characters or longer. In these cases, the system could bypass password checks if it found a “stored cache key” from a previous successful login using the same browser. Accounts that require multi-factor authentication were not affected.

How the Vulnerability Happened

The company admitted that this vulnerability was introduced during a standard update on July 23, 2024, and it was only discovered and fixed on October 30. Okta is advising customers who might be at risk to check their access logs from the past few months. While a 52-character username may seem long, it can still be easier to guess than a strong password, especially if it includes personal information like a full name or email address.
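A sketch of the access-log review recommended above, as an added example that is not Okta's tooling or part of the original article: it flags successful logins without multi-factor authentication by usernames of 52 or more characters between July 23 and October 30, 2024. The JSON field names (`time`, `user`, `result`, `mfa`, `ip`) and all sample records are constructed assumptions to be mapped onto the real log export.

```python
import json
from collections import defaultdict
from datetime import datetime, timezone

# Exposure window from the article: introduced July 23, 2024, fixed October 30, 2024.
# Treating the dates as UTC days is an assumption; the article gives no times.
WINDOW_START = datetime(2024, 7, 23, tzinfo=timezone.utc)
WINDOW_END = datetime(2024, 10, 31, tzinfo=timezone.utc)  # exclusive, so all of Oct 30 counts
MIN_USERNAME_LEN = 52  # usernames of 52 characters or longer were affected

# Constructed usernames: exactly 52 characters, and one character shorter.
USER_52 = "firstname.middlename.lastname.contractor@example.com"
USER_51 = USER_52[1:]

def _rec(time, user, result, mfa, ip):
    """Build one constructed log line; the field names are hypothetical."""
    return json.dumps({"time": time, "user": user, "result": result, "mfa": mfa, "ip": ip})

SAMPLE_LOG = [
    _rec("2024-07-22T23:59:59Z", USER_52, "SUCCESS", False, "198.51.100.7"),  # before window
    _rec("2024-08-02T09:14:07Z", USER_52, "SUCCESS", False, "198.51.100.7"),  # review
    _rec("2024-08-02T09:20:41Z", USER_52, "SUCCESS", True, "198.51.100.7"),   # MFA used
    _rec("2024-08-05T11:02:13Z", USER_51, "SUCCESS", False, "192.0.2.44"),    # 51 chars
    _rec("2024-09-01T03:30:00Z", USER_52, "FAILURE", False, "203.0.113.9"),   # failed login
    _rec("2024-10-30T22:10:00Z", USER_52, "SUCCESS", False, "203.0.113.9"),   # review, last day
]

def logins_to_review(lines):
    """Map username -> [(time, ip), ...] for successful non-MFA logins
    by usernames of 52+ characters inside the exposure window."""
    hits = defaultdict(list)
    for line in lines:
        if not line.strip():
            continue
        rec = json.loads(line)
        user = rec.get("user", "")
        when = datetime.fromisoformat(rec["time"].replace("Z", "+00:00"))
        if (len(user) >= MIN_USERNAME_LEN
                and rec.get("result") == "SUCCESS"
                and not rec.get("mfa", False)
                and WINDOW_START <= when < WINDOW_END):
            hits[user].append((rec["time"], rec.get("ip")))
    return dict(hits)

if __name__ == "__main__":
    for user, events in logins_to_review(SAMPLE_LOG).items():
        print(f"{user} ({len(user)} chars): {len(events)} login(s) to review")
        for when, ip in events:
            print(f"  {when} from {ip}")
```

A flagged login is a candidate for review, not proof of misuse; comparing its source address and time against the account's usual pattern is the next step.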

Okta’s Role in Authentication

Okta provides software that helps businesses manage user authentication for their applications. It allows users to access multiple apps with a single login, simplifying the process. The company has not confirmed if anyone was specifically affected by this issue, but it has promised to improve communication with customers following past incidents involving unauthorized account access.
