Company + Product

I have been at Okta for over a year, and as someone working in identity and access management (IAM), it was time to earn my Okta certification. I knew getting certified would help validate my skills, and to be completely honest, as I started to see all my colleagues get Okta certified, I felt a little FOMO. Here’s a look at my experience — from…

In 2024, Verizon reported that 45% of data breaches in a recent year involved the use of stolen credentials. At the same time, 90% of identity stakeholders said incidents directly impacted their business. With the costs of security breaches exceeding  $4.8 million at the latest estimate, the need to securely manage identities is greater than ever…

Authentication with shared devices comes with a unique set of challenges. Some scenarios are specific to an organization's workforce whereas some use cases are consumer specific. In this article, I will focus on the consumer scenarios, and explore the challenges and possible options to address shared device authentication securely. Challenges with…

Think MFA alone is enough to stop an imposter? Think again. In a world of deepfakes, synthetic identities, and hybrid workforces, attackers are bypassing the very tools designed to keep them out. Today’s attackers aren’t just stealing passwords — they’re impersonating legitimate users to bypass authentication controls, and they’re getting good at…

Real-time, inline protection that keeps pace with your business Today's complex Identity threat landscape demands streamlined security practices and an evolving, multi-layered defense-in-depth strategy to identify and mitigate cybersecurity threats. Okta’s comprehensive security strategy addresses these threats at multiple levels, including at the…

At Okta, our commitment to 100% renewable electricity spans across our operations — from our offices to our remote workforce, and even the third-party cloud providers we rely on. But we don’t stop at just clean energy. When we purchase renewable electricity certificates (RECs), we actively seek out those with added social impact: Supporting…

While organizations have traditionally focused on securing human users, a new challenge has emerged that demands immediate attention: non-human identities (NHIs). Service accounts, API keys, tokens, and machine-to-machine connections have become prime targets for attackers. These identities operate silently in the background of your organization,…

In today’s hybrid IT landscape, Active Directory (AD) remains a cornerstone for Identity management. However, privileged AD accounts present a significant security risk if not managed properly.  That’s why we’re pleased to announce that AD integration with Okta Privileged Access is now available in Early Access. With this feature, organizations…

Innovation never stops, and neither do we. As cyberthreats evolve, Identity remains the first line of defense. That’s why, during this Launch Week, we’re unveiling the latest advancements in Identity Security — designed to streamline access management and deliver seamless, secure experiences.  Whether you’re securing your workforce, customers, or…

Phishing resistance first Phishing-resistant authentication is the current baseline for secure authentication, which means FIDO/WebAuthn, FastPass, PIV/CAC, etc. This post will focus on how those already meeting this baseline can take security to the next level. Passwords, SMS, push notifications, and one-time codes are vulnerable to much less…