Navigating the access management space can bring forth a host of new challenges, one of which may be the migration to a new access management solution. This blog is aimed at those of you who are in the process of considering an exit from your current access management provider and evaluating the effort required to do so. Let’s kickstart this discussion by showing you just how easy it is to migrate from Okta to OneLogin access management solutions. We are going to break up this topic into two parts, with part one focusing on your valuable end users. When it comes to planning your migration fro ..read more

We recently published a blog titled Defending Your Organization Against Session Cookie Replay Attacks. This blog thoroughly examined the menace of session cookie replay attacks, shedding light on the potential risks and consequences they pose to online security. The post delved into the intricacies of session cookie replay attacks, detailing their working mechanisms and the extensive damage they can inflict and emphasizing the imperative need to comprehend and fortify against such threats. As a quick recap, session cookie replay attacks involve the malicious use of stored session cookies to i ..read more

In the current cyber threat landscape, where online security is paramount, the threat of session cookie replay attacks looms large. These attacks sidestep the conventional need for credentials and aim to hijack your online sessions, potentially compromising sensitive data and taking over user accounts. This blog post delves into the intricacies of session cookie replay attacks, shedding light on what they are, how they work, and the potential consequences they can unleash. Understanding these attacks is the first step in fortifying your online presence and ensuring the safety of your organiza ..read more

In today’s education landscape, K-12 schools are hubs of learning and growth, filled with opportunities but often caught up in Identity and Access Management (IAM) challenges. Within this complex education environment, an unexpected hero emerges – the concept of ‘degeneracy,’ which we redefine here as simplifying complexity. In this blog, we explore how OneLogin exemplifies this by making IAM easier, more secure and user-friendly. The Multifaceted Challenges in the Absence of Effective IAM Envision a scenario where passwords proliferate at an overwhelming rate, each a distinct gateway to esse ..read more

Welcome to the second part of our blog series on the state of passwordless authentication. In the first blog, we focused on the new kid on the block, passkeys, and how this emerging technology will likely have a significant impact to the advancement of the identity and access management industry’s desire to finally eliminate passwords for good. In this blog, we are going to look at alternative options which can be used if passkeys are never going to be an option for your organization or if you need to implement a passwordless solution for the short/medium term. This maybe be the case if you’r ..read more

As part of our blog series on Advanced Authentication, we have discussed what it is and how it can help organizations, provided best practices in deploying this authentication approach and highlighted the benefits of FIDO2 and WebAuthn within this context. In this blog, we will explore how organizations can deliver frictionless user experiences while delivering a strong level of advanced authentication protection. In today’s digital landscape, finding the right balance between a frictionless user experience and strong security is crucial for organizations. Users expect seamless access to appl ..read more

The quest for impenetrable locks Ever since the invention of the first lock, humans have strived to expose and exploit the vulnerabilities of these safety devices. In 1777, Joseph Bramah, the father of modern pneumatic systems, posted a sign on the window of his London storefront with a unique challenge. The challenge was simple: come inside and open a lock. He would reward you with the modern-day equivalent of $30,000 if you could do it. Bramah even published and distributed a pamphlet explaining the workings of his lock design, such was his confidence in its impregnability. Bramah’s lock wa ..read more

Stuart Sharp, OneLogin VP of Product, introduced us to the topic of Advanced Authentication in his blog Advanced Authentication – The way forward, but what does this actually mean in the enterprise and what best practices can we follow to ensure that we are both managing and deploying it effectively? As a reminder, and to borrow some words from Stuart, “Advanced Authentication is a cybersecurity approach that requires the use of additional security methods, beyond the traditional ones, to authenticate a user’s identity. Advanced Authentication makes it more difficult for hackers to gain unaut ..read more

Today, we are publishing part one in a four-part blog series on the state of passwordless authentication in the year 2023. This first blog will focus on the newest kid on the block which is, of course, Passkeys. Following Google’s announcement around Passkey support for their consumer accounts (Passkeys: What they are and how to use them), it seems like the wait for widespread adoption opportunities of the long-anticipated extension to WebAuthn is finally over.  What are Passkeys?    Passkeys are an extension to the WebAuthn standard, which takes the same great user experi ..read more

As part of our ongoing efforts to provide customers with the most stable and seamless service release experience, OneLogin has revamped our release process. The post April 2023 Release Notes appeared first on OneLogin Identity Management Blog ..read more