single sign-on

We’re all tired of passwords. Employees are tired of remembering them, IT teams are tired of resetting them, and security professionals are tired of dealing with them as a major threat vector when it comes to data breaches. In addition to our frayed relationship with passwords, they also pose a threat to productivity across an organization…

Thoughtworks began its journey away from Active Directory (AD) less than three years ago, though Philip Ibarrola, Thoughtworks TechOps Head of Technology, says it was a long time coming. Thoughtworks was once a Microsoft-only shop: Microsoft servers, Windows-based laptops, and security and authentications, all managed by AD. But since 2011, the…

Update: March 5 Every year at Oktane, we look forward to bringing together thousands of IT professionals, product leaders, and developers to discuss the importance of identity. As we’ve followed the spread of the coronavirus disease 2019 (COVID-19), it became clear that, this year, the best way to safely engage with our community is through a…

Today, I'm incredibly excited to announce the general availability (GA) of Okta Access Gateway:   Access Gateway is a new product that enables organizations to use Okta's Cloud Single Sign-On (SSO) and Adaptive Multi-Factor Authentication (MFA) to secure access to their on-premises web apps. We’ve been working with dozens of customers in the Early…

Back in 1968, Boston Consulting Group founder Bruce Henderson wrote that “all organizations, like all organisms, must adapt to changes in their environment, or die.” Now, some 51 years later, these words ring truer than ever. Moving away from on-premises infrastructure to the cloud has become a must for most organizations—but facing and deploying…

Let’s face it: we’re all tired of passwords. They’re a major pain for users and not nearly as effective at securing accounts as they pretend to be. Thankfully, there is a better way! We are excited to announce a new set of passwordless capabilities in Okta that will allow you to deliver seamless auth experiences to all users! In this post, we’ll…

Today consumer-facing service providers have a stark choice—to offer robust security or an easy user experience. But for many organizations, missing the mark on either of these elements can seriously damage their user engagement and retention rates—and by extension, their bottom line. To address this, we have now made Risk-Based Authentication…

There are a number of things that help make an application what it is—the most fundamental of which is the architecture it’s based on. To date, most technology has been built on monolithic architecture, with all components existing within one complex application. More recently, however, developers have started compartmentalizing each component or…

“Have I been pwned?” It’s a question you’ve probably asked yourself before. Phishing and stolen credentials are still among the primary threat methods in breaches, and as hackers grow more sophisticated, employees and consumers have to get smarter about the credentials they use to access digital applications. On the flip side, companies also have…

Anyone who’s ever had their account hacked knows firsthand just how vulnerable our digital identities can be. But having our identities jeopardized doesn’t have to be our fate. Instead, users can take a future-proof approach to protecting themselves from the onslaught of costly identity attacks—both in their personal and professional environments…