Okta just squashed a very unusual bug in its software.
The digital security management company posted a bug fix report to its website (as noticed by The Verge) letting users know that a glitch in the system that theoretically allowed bad actors to gain access to accounts had been ironed out. Sounds normal enough, right? Well, here's the kicker: The bug could've allowed someone to log into an account without entering the password as long as the username was 52 characters or longer.
“During specific conditions, this could allow users to authenticate by only providing the username with the stored cache key of a previous successful authentication,” Okta wrote.
It should be re-emphasized that this is no longer a concern for Okta users. The bug has been fixed. Unfortunately, it existed in the system for about three months, as Okta's report said the software had been affected since July until someone noticed on Oct. 30. That's a very long time for such a vulnerability to be present, but it's unclear at this point if anyone was negatively affected by it.