www.engadget.com

Okta vulnerability allowed accounts with long usernames to log in without a password

Okta has fixed a vulnerability that let people log in without a password if the username has 52 characters or more.