With the rise of credential stuffing and similar attack methods, simple username and password authentication is not enough to deter bad actors.   According to the Verizon Data Breach Investigations Report, there were over 55,000 security incidents and 2,200 confirmed data breaches in 2018, with a whopping 81% of those incidents being tied to…

FIDO is an acronym that comes from the Latin fido, meaning ‘to trust’, which was popularised by Abraham Lincoln—who borrowed it to name his dog. It’s a fitting name for man’s best friend, and just as appropriate in the security world, where trust is key. A more technical reference, FIDO (Fast IDentity Online), emerged in 2012 and is backed by a…

    At Okta, we are highly invested in the latest ideas and practises around authentication and security—and that requires some myth busting. This blog is the first in a series of posts meant to tackle common misunderstandings and myths around Single Sign On. See below for our full list of the myths we've seen (and busted!) around SSO. Single…

Data is the new oil—an observation not lost on hackers. In a world of growing interconnectivity, our most valuable digital assets—including our digital identities–have never been so exposed. After all, attackers of the digital age now simply log in, using stolen credentials to gain access to protected documents and privileged information. Relying…

Active Directory Federation Services (ADFS) is a Single Sign-On (SSO) solution created by Microsoft. As a component of Windows Server operating systems, it provides users with authenticated access to applications that are not capable of using Integrated Windows Authentication (IWA) through Active Directory (AD). Developed to provide flexibility,…

With the rise in both the number and sophistication of today’s security threats, the benefits of multi-factor authentication (MFA) have become widely recognized, leading to increased adoption across enterprise and consumer apps. From a security standpoint, this is all good news. We know that passwords alone are not enough to secure your data, and…

Authentication is undoubtedly one of the most crucial aspects of cybersecurity today, but our understanding of how to verify users and their actions has been largely unchanged for decades. It always works the same: the user provides something they know (password), have (ID), or are (fingerprint) and if this input matches what the system knows…

Passwords are hard. The (what feels like constantly) growing list of security requirements are intended to make passwords secure, but in many cases they’ve had the opposite effect. Complex passwords that meet all the requirements are often difficult to remember, so they’re reused across many sites. Users scribble them on sticky notes. They weave…

The world of Identity and Access Management (IAM) is rarely controversial. But today, there is a battle brewing in how we - as an industry - talk about customer-facing use cases for IAM. Many are starting to refer to this as Customer IAM or Consumer IAM, both abbreviated as CIAM. CIAM does have some unique requirements. But that does not mean that…

In today’s identity management climate, single sign-on (SSO) capability is critical to the success of enterprise identity and access management (IAM). IT departments face growing demands: managing thousands of users, both internal and external, who each need access to an increasing number of cloud-based applications. Adding to this complexity is…