Okta disclosed a security flaw that allowed unauthorized access to accounts with usernames of 52 or more characters: password authentication could be bypassed if a stored cache key was detected, affecting users who logged in using the same browser. The vulnerability was introduced in a July 23 update and was only discovered and fixed on October 30, prompting Okta to advise affected customers to review their access logs. Although the issue did not impact organizations with multi-factor authentication, the company is urging users to monitor their accounts for any suspicious activity.