Mike Sheward on Nostr: Okta is really getting into the habit of dropping these gems on a Friday afternoon, ...
Okta is really getting into the habit of dropping these gems on a Friday afternoon, and I'm starting to get a bit concerned.
"We have discovered and resolved a vulnerability in Okta AD/LDAP DelAuth. For Okta orgs without MFA sign-on policies, and using accounts with usernames of 52 characters or more, this could allow users to authenticate by providing only the username, regardless of the password entered."
"We have discovered and resolved a vulnerability in Okta AD/LDAP DelAuth. For Okta orgs without MFA sign-on policies, and using accounts with usernames of 52 characters or more, this could allow users to authenticate by providing only the username, regardless of the password entered."