An Okta login bug bypassed checking passwords on some long usernames

Illustration of a password above an open combination lock, implying a data breach. Illustration by Cath Virginia / The Verge | Photo from Getty Images

On Friday evening, Okta posted an odd update to its list of security advisories. The latest entry reveals that under specific circumstances, someone could’ve logged in by entering anything for a password, but only if the account’s username had over 52 characters.

According to the note people reported receiving, other requirements to exploit the vulnerability included ...

Read Entire Article

© 2024 Thiratti. All rights reserved.