{"id":3478,"date":"2018-08-23T11:49:25","date_gmt":"2018-08-23T15:49:25","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=3478"},"modified":"2018-08-23T11:49:25","modified_gmt":"2018-08-23T15:49:25","slug":"examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/","title":{"rendered":"Examining Okta&#8217;s &#8220;5 Identity Attacks that Exploit Your Broken Authentication&#8221; Whitepaper"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-3426\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD.jpg\" alt=\"Okta 5 Identity Attacks that Exploit Your Broken Authentication\" width=\"800\" height=\"433\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD.jpg 800w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD-300x162.jpg 300w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD-768x416.jpg 768w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD-499x270.jpg 499w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD-150x81.jpg 150w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD-333x180.jpg 333w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Identity and access management solution provider Okta recently released a brand new whitepaper: \u201c5 Identity Attacks that Exploit Your Broken Authentication.\u201d Their upfront premise is the traditional single-factor, password-based authentication is a broken authentication scheme. With identity becoming the new perimeter for enterprises, broken authentication is just as dangerous as having a broken firewall.<\/span><\/p>\n<p style=\"text-align: justify\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"iam-inject\" href=\"https:\/\/solutionsreview.com\/identity-management\/get-a-free-privilieged-access-management-solutions-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" title=\"\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2020\/01\/PAM_BG_SB_800.gif\" alt=\"Download Link to Privileged Access Management Buyer's Guide\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">What does Okta consider the most devastating broken authentication exploits? <\/span><\/p>\n<ul style=\"text-align: justify\">\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Broad-based Phishing Campaigns<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Spearphishing Campaigns <\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Credential Stuffing<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Password Spraying<\/span><\/li>\n<li style=\"font-weight: 400\"><span style=\"font-weight: 400\">Man-in-the-Middle Attacks<\/span><\/li>\n<\/ul>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Of these broken authentication exploits, phishing attacks and other social engineering attacks are perhaps the most well-known as they have been increasingly prevalent due to their success rate. However, credential stuffing and password spraying are equally viable hacking techniques that take advantage of the weakness of passwords. The former uses the likelihood of duplicated passwords to access different accounts by the same user, while the latter attempts to use weak but common passwords like \u201cpassword1\u201d to gain access. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Okta recommends that enterprises stop relying on broken authentication schemes like single-factor logins. Instead, the solution is to deploy multifactor authentication (MFA). Phishing attacks generally can\u2019t obtain the secondary or tertiary factors necessary to break into an MFA-protected network. Password spraying and credential stuffing also fail since neither stolen credentials nor weak credentials are enough to gain access to MFA systems. \u00a0\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">To diverge from Okta\u2019s whitepaper for a moment, multifactor authentication does not need to be a uniform deployment. It can be varied based on the privileges of the employee in question or on the sensitivity of the data contained in a database. Even though MFA can be a hassle to deploy and work with, you wouldn\u2019t compromise your physical security\u2014why should you compromise your digital security?<\/span><\/p>\n<p style=\"text-align: justify\">You can read the full Okta\u00a0<span style=\"font-weight: 400\">\u201c5 Identity Attacks that Exploit Your Broken Authentication\u201d whitepaper <a href=\"https:\/\/www.okta.com\/resources\/whitepaper\/5-identity-attacks-that-exploit-your-broken-authentication\/thankyou\/\" target=\"_blank\" rel=\"noopener\">here<\/a>.\u00a0<\/span><\/p>\n<p style=\"text-align: justify\"><strong>Other Resources:\u00a0<\/strong><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/identity-management\/10-coolest-identity-security-ceo-leaders\/\" target=\"_blank\" rel=\"noopener\">The 10 Coolest IAM and Identity Security CEO Leaders<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/identity-management\/privileged-access-credentials-identity-automation\/\" target=\"_blank\" rel=\"noopener\">Privileged Access Credentials (With Identity Automation)<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/identity-management\/importance-edge-use-access-identity-automation\/\" target=\"_blank\" rel=\"noopener\">The Importance of Edge Use Access (With Identity Automation)<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/identity-management\/managing-third-party-privileges-identity-automation\/\" target=\"_blank\" rel=\"noopener\">Managing Third-Party Privileges with Identity Automation<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/identity-management\/iam-vs-ciam-whats-difference\/\" target=\"_blank\" rel=\"noopener\">IAM vs CIAM: What\u2019s the Difference?<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/identity-management\/the-role-of-identity-in-digital-transformation\/\" target=\"_blank\" rel=\"noopener\">The Role of Identity in Digital Transformation<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/identity-management\/current-state-biometric-authentication\/\" target=\"_blank\" rel=\"noopener\">The Current State of Biometric Authentication in IAM<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/identity-management\/comparing-the-top-identity-and-access-management-solutions\/\" target=\"_blank\" rel=\"noopener\">Comparing the Top Identity and Access Management Solutions<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/identity-management\/the-32-best-identity-and-access-management-platforms\/\" target=\"_blank\" rel=\"noopener\">The 32 Best Identity and Access Management Platforms for 2018<\/a><\/p>\n<p style=\"text-align: justify\"><a href=\"https:\/\/solutionsreview.com\/identity-management\/thycotic-releases-2018-global-state-privileged-access-management-pam-risk-compliance\/\" target=\"_blank\" rel=\"noopener\">Thycotic Releases \u201c2018 Global State of Privileged Access Management (PAM) Risk and Compliance\u201d<\/a><\/p>\n<p style=\"text-align: justify\"><br \/>Widget not in any sidebars<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Identity and access management solution provider Okta recently released a brand new whitepaper: \u201c5 Identity Attacks that Exploit Your Broken Authentication.\u201d Their upfront premise is the traditional single-factor, password-based authentication is a broken authentication scheme. With identity becoming the new perimeter for enterprises, broken authentication is just as dangerous as having a broken firewall. What [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":3426,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[6],"tags":[142,125,16,76,145,64,90,25],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Examining Okta&#039;s Identity Attacks and Broken Authentication Whitepaper<\/title>\n<meta name=\"description\" content=\"Identity and access management solution provider Okta recently released a new whitepaper: \u201c5 Identity Attacks that Exploit Your Broken Authentication.\u201d\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/\",\"name\":\"Examining Okta's Identity Attacks and Broken Authentication Whitepaper\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD.jpg\",\"datePublished\":\"2018-08-23T15:49:25+00:00\",\"dateModified\":\"2018-08-23T15:49:25+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Identity and access management solution provider Okta recently released a new whitepaper: \u201c5 Identity Attacks that Exploit Your Broken Authentication.\u201d\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD.jpg\",\"width\":800,\"height\":433,\"caption\":\"How to Protect Your Digital Identities from Phishing Attacks\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Examining Okta&#8217;s &#8220;5 Identity Attacks that Exploit Your Broken Authentication&#8221; Whitepaper\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Examining Okta's Identity Attacks and Broken Authentication Whitepaper","description":"Identity and access management solution provider Okta recently released a new whitepaper: \u201c5 Identity Attacks that Exploit Your Broken Authentication.\u201d","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/","url":"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/","name":"Examining Okta's Identity Attacks and Broken Authentication Whitepaper","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD.jpg","datePublished":"2018-08-23T15:49:25+00:00","dateModified":"2018-08-23T15:49:25+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Identity and access management solution provider Okta recently released a new whitepaper: \u201c5 Identity Attacks that Exploit Your Broken Authentication.\u201d","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/08\/Mechanical-Eye-MOD.jpg","width":800,"height":433,"caption":"How to Protect Your Digital Identities from Phishing Attacks"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/examining-oktas-5-identity-attacks-exploit-broken-authentication-whitepaper\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"Examining Okta&#8217;s &#8220;5 Identity Attacks that Exploit Your Broken Authentication&#8221; Whitepaper"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/3478"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=3478"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/3478\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/3426"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=3478"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=3478"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=3478"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}