Every website or mobile app with a login form is a potential target for account takeover attacks. An “account takeover” is the process by which hackers and fraudsters use ill-gotten credentials to gain access to legitimate customers’ accounts. Most of these attacks are automated and driven by malicious bots. The rise of bots is mirrored by the…

Before public cloud services, computing infrastructure was expensive, hosted on-premises, and reserved for big enterprises and universities. Now, anyone with a credit card can access an unlimited supply of cloud apps and computing power. While cloud services offer many benefits, the accessibility of the cloud has also made identity attacks…

We recently delivered a webinar featuring Gartner research on the latest trends impacting customer identity and access management (CIAM). Gartner’s Research Vice President Mary Ruddy presented findings from her March 2018 research, Top 5 Trends in CIAM Solution Design. Discussion in the webinar included the challenges organisations face in keeping…

Passwords have been a constant throughout our digital “coming of age”. As we’ve moved from desktops to smartphones, from on-premises infrastructure to cloud services, we’ve all relied on passwords to access and safeguard our data and resources. Passwords are so deeply ingrained into our web apps and accounts, it can be challenging to imagine…

Passwords. Most of us have a love-hate relationship with them. Security best practices and common sense tells us to pick unique, hard-to-guess passwords for every account, which makes management of them a pain, or leads to bad password habits like reusing them. Then there’s the inherent security of passwords, or rather, the insecurity of them. As…

At Okta, we are highly invested in the latest ideas and practices around authentication and security—and that requires some myth busting. This blog is the second in a series of posts meant to tackle common misunderstandings and myths around single sign-on (SSO). See below for our full list of the myths we've seen (and busted!) around SSO. Single…

When it comes to data security, there’s no such thing as too big to fail. Chances are, if you’ve switched on the news recently you’ve heard of at least one high-profile data breach. Perhaps of even greater concern is that a few large organisations have fallen victim to multiple data breaches in the past few years. This is a surefire sign that…

Okta integrates everything! That includes Hybrid IT scenarios with your legacy apps, your custom apps, your proprietary apps, as well as your infrastructure. Today, we’re releasing an eBook covering 18 standard-based integration patterns Okta supports to connect identities to your legacy apps and infrastructure. Interested? For more details to…

Password managers, such as Okta Browser Plugin can defend against phishing attacks. However, to prevent the compromise of passwords, password managers need to be hardened against attacks that confuse them into misidentifying websites. To help achieve this, the Okta Research and Exploitation team (REX) has created a tool, hack_url_re, to…

Okta provides an LDAP interface in the cloud (great for hybrid IT and hybrid cloud deployments). The interface does not require an agent on-premises and supports Multi-Factor Authentication (MFA) over LDAP—even though the LDAP protocol doesn't natively support MFA. In this blog post, I’ll explain why and how Okta does it. Okta LDAP interface:…