Authentication is undoubtedly one of the most crucial aspects of cybersecurity today, but our understanding of how to verify users and their actions has been largely unchanged for decades. It always works the same: the user provides something they know (password), have (ID), or are (fingerprint) and if this input matches what the system knows…

Passwords are hard. The (what feels like constantly) growing list of security requirements are intended to make passwords secure, but in many cases they’ve had the opposite effect. Complex passwords that meet all the requirements are often difficult to remember, so they’re reused across many sites. Users scribble them on sticky notes. They weave…

The world of Identity and Access Management (IAM) is rarely controversial. But today, there is a battle brewing in how we - as an industry - talk about customer-facing use cases for IAM. Many are starting to refer to this as Customer IAM or Consumer IAM, both abbreviated as CIAM. CIAM does have some unique requirements. But that does not mean that…

In today’s identity management climate, single sign-on (SSO) capability is critical to the success of enterprise identity and access management (IAM). IT departments face growing demands: managing thousands of users, both internal and external, who each need access to an increasing number of cloud-based applications. Adding to this complexity is…

SCIM, or System for Cross-domain Identity Management, is an open standard that allows for the automation of user provisioning. It was created in 2011 as it became clear that the technology of the future would be cloud-based. SCIM communicates user identity data between identity providers (such as companies with multiple individual users) and…

Cloud technology is growing at unprecedented levels — and as a result businesses are changing the way they work, seeing an increasing number of employees use mobile devices to access both personal and work related information. While these changes enable workers to be more productive, they also bring security concerns for IT departments tasked with…

We’re pleased to announce that our new product, Okta Adaptive Multi-factor Authentication (MFA) is generally available today. Okta Adaptive MFA, which companies can purchase as a standalone product, offers a broad set of easy-to-use factors combined with policy-driven contextual access management — all informed by data from our thousands of…