this post was submitted on 29 Nov 2023
150 points (96.9% liked)

Technology

59197 readers
2890 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
all 14 comments
sorted by: hot top controversial new old
[–] [email protected] 39 points 11 months ago (2 children)

I looked it up: Okta is a corporate identity management service, they handle stuff like SSO, logins, AD, etc...

So I see why they are targeted.

[–] [email protected] 12 points 11 months ago (2 children)

Yeah, they handle SSO between platforms. Not the registrations though.

They just handle the SSO part, if you have three systems connected, you need to sync the users between them on your own, then they can log them in to all three .

[–] [email protected] 1 points 11 months ago (2 children)

I understood some of those words!

[–] [email protected] 7 points 11 months ago

They build digital corridors so at your workplace you can use multiple different applications without having to login every time.

[–] [email protected] 2 points 11 months ago

Hopefully all of them except maybe SSO

[–] [email protected] 1 points 11 months ago (1 children)

That's not completely true. That's often the ideal way to use them (especially with integrating pre-existing applications). But they do offer (crappy) user stores in their auth0 product which can handle registration including UI.

[–] [email protected] 1 points 11 months ago

Interesting, I guess they don't offer that for all platforms.

[–] [email protected] 7 points 11 months ago

And they work with federal contractors. So double the reason to target them.

[–] [email protected] 16 points 11 months ago* (last edited 11 months ago) (1 children)

including names and email addresses

By now, that's been stolen from so many companies that I wonder how much new info is really being compromised compared to what's already out there. Speaking anecdotally, my spam already comes personalized. Like, even the obviously-not-from-a-partner phishy-looking stuff.

[–] [email protected] 9 points 11 months ago

True, but I think the point here is context. What the hackers get here is the context that X recipient gets email on X address from Okta so I'd more likely than not to respond.

[–] [email protected] 14 points 11 months ago

In my experience, Customer Support Users often have access to fuck shit up pretty good.

[–] [email protected] 6 points 11 months ago

Chrysler login for scanning their vehicles uses okta