Richard Lawler / The Verge:
Okta fixes a flaw present since July 23, 2024 that, under specific conditions, let users log in with any password if the account’s username had 52+ characters — The vulnerability is fixed now, but Okta said that for three months it could’ve been used to access accounts with usernames stretching at least 52 characters long.
No comment yet, add your voice below!