Okta just fixed a very weird security bug for accounts with long usernames

Never heard of that one before.
By Alex Perry  on 
Okta logo on phone screen
A very weird bug, indeed. Credit: Omar Marques/SOPA Images/LightRocket via Getty Images

Okta just squashed a particularly unusual bug in its software.

The digital security management company posted a bug fix report to its website (as spotted by The Verge) letting users know that a glitch in the system that theoretically allowed bad actors to gain access to accounts had been ironed out. Sounds normal enough, right? Well, here's the kicker: The bug could've allowed someone to log into an account without entering the password as long as the username was 52 characters or longer.

Mashable Light Speed
Want more out-of-this world tech, space and science stories?
Sign up for Mashable's weekly Light Speed newsletter.
By signing up you agree to our Terms of Use and Privacy Policy.
Thanks for signing up!

"During specific conditions, this could allow users to authenticate by only providing the username with the stored cache key of a previous successful authentication," Okta wrote.

It should be re-emphasized that this is no longer a concern for Okta users. The bug has been fixed. Unfortunately, it existed in the system for about three months, as Okta's report said the software had been affected since July until someone noticed on Oct. 30. That's a very long time for such a vulnerability to be present, but it's unclear at this point if anyone was negatively affected by it.

Topics Cybersecurity


Recommended For You
Watch SZA sweat it out on 'Hot Ones' in bug prosthetics
SZA in bug prosthetics on 'Hot Ones.'

Verizon outage has now been fixed
In this photo illustration, a Verizon logo is displayed on the screen of a smartphone.

Apple fixes dangerous 'GAZEploit' Vision Pro security flaw
Apple Vision Pro

Apple fixes iPhone 16 touch screen bug in iOS 18.0.1
Apple iOS 18


Trending on Mashable
NYT Connections hints today: Clues, answers for December 6, 2024
A phone displaying the New York Times game 'Connections.'

NYT Mini crossword answers, hints for December 6, 2024
Closeup view of crossword puzzle clues

At 2 a.m., an unexpected event led to a surprise planet discovery
A NASA conception of what the exoplanet Kepler-51e might look like.

Wordle today: Answer, hints for December 6
a phone displaying Wordle

Tesla suspends Cybertruck production. Who could have predicted this?
Tesla vehicles, including Cybertrucks, loaded on a transport that seems to be going nowhere.
The biggest stories of the day delivered to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Thanks for signing up. See you at your inbox!