Connect with us

Hi, what are you looking for?

Financial Source ReportFinancial Source Report

Tech News

An Okta login bug bypassed checking passwords on some long usernames

Illustration of a password above an open combination lock, implying a data breach.
Illustration by Cath Virginia / The Verge | Photo from Getty Images

On Friday evening, Okta posted an odd update to its list of security advisories. The latest entry reveals that under specific circumstances, someone could’ve logged in by entering anything for a password, but only if the account’s username had over 52 characters.

According to the note people reported receiving, other requirements to exploit the vulnerability included Okta checking the cache from a previous successful login, and that an organization’s authentication policy didn’t add extra conditions like requiring multi-factor authentication (MFA).

Here are the details that are currently available:

On October 30, 2024, a vulnerability was internally identified in generating the cache key for AD/LDAP DelAuth. The Bcrypt algorithm was…

Continue reading…

You May Also Like

Tech News

Three advocacy groups are trying to amp up the pressure on Google for allegedly destroying company records. The American Economic Liberties Project, Check My...

Editor's Pick

The “Magnificent 7”, comprised of Apple (AAPL), Microsoft (MSFT), NVIDIA (NVDA), Meta Platforms (META), Amazon.com (AMZN), Alphabet (GOOGL), and Tesla (TSLA) have carried the...

Editor's Pick

Romina Boccia Ida May Fuller, the first person to receive a Social Security check, worked for just three years before receiving her first benefit...

Tech News

It’s time to dust off your VCR and clean the heads, because Alien: Romulus is coming to VHS as a limited edition on December...

Copyright © 2023 FinancialSourceReport.com All Rights Reserved.