by spencerchubb 907 days ago
Is there really a better alternative? Using a centralized service is certainly more secure than every company implementing a bespoke auth system.

Also, there are super strong incentives to hack Okta, so naturally more people will try to hack Okta.


I always thought it would be cool to have everybody carry around a private key on some device, and that key signs all data to prove authenticity. Instead of creating user accounts on a forum, posts would be signed with a key and a hash would be appended to the username, so you know that this John Smith is the same one as the last post because he has the same hash appended. Kind of like what 4chan does with tripcodes.

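The scheme this comment describes, as an added example in Go using the standard library's Ed25519 (not code from the thread or from any project mentioned in it): each post is signed by the author's key, and a short hash of the public key is appended to the name as the tripcode-style tag, so two posts with the same tag were signed by the same key. The names `Post`, `Tag`, `SignPost`, `Verify` and the tag construction (first 4 bytes of SHA-256 of the public key) are assumptions for this example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// Post carries the author's public key and a signature over name+body;
// there is no account behind it. The tag appended to the name is derived
// from the key (assumed construction: first 4 bytes of SHA-256 of it).
type Post struct {
	Name   string
	Body   string
	PubKey ed25519.PublicKey
	Sig    []byte
}

// Tag is the short hash a reader compares across posts: same tag, same key.
func Tag(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return hex.EncodeToString(sum[:4])
}

// DisplayName renders "John Smith!1a2b3c4d" in the tripcode style.
func DisplayName(p Post) string { return p.Name + "!" + Tag(p.PubKey) }

// signedBytes length-prefixes both fields so "ab"+"c" != "a"+"bc".
func signedBytes(name, body string) []byte {
	return []byte(fmt.Sprintf("%d:%s%d:%s", len(name), name, len(body), body))
}

// SignPost binds the display name and body to the signing key.
func SignPost(priv ed25519.PrivateKey, name, body string) Post {
	pub := priv.Public().(ed25519.PublicKey)
	return Post{Name: name, Body: body, PubKey: pub, Sig: ed25519.Sign(priv, signedBytes(name, body))}
}

// Verify fails if name or body was altered, or the signature was not made by p.PubKey.
func Verify(p Post) bool {
	return ed25519.Verify(p.PubKey, signedBytes(p.Name, p.Body), p.Sig)
}

func main() {
	_, priv, _ := ed25519.GenerateKey(rand.Reader)
	p := SignPost(priv, "John Smith", "first post")
	fmt.Println(DisplayName(p), Verify(p))
}
```

A forger who substitutes their own key gets a valid signature but a different tag, which is exactly what readers are meant to notice.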
You'd instantly have to deal with people losing their keys, people damaging their keys, people's pets eating, digesting and defecating the keys, fire/floodwater/storms/earthquakes/other natural or man-made disasters destroying the keys, keys getting damaged by ESD or cosmic radiation, people stealing other people's keys for extortion or abuse... spread any technology over millions of people and you will experience all sorts of failure modes that you haven't even thought of.

All of these failure modes need some sort of "customer support" to work out, otherwise they'll not be used by users at all or they'll lead to shitstorms when people are locked out of their identity. And if the customer support makes errors or gets bribed, you'll get shitstormed too.

And allowing people to back-up their keys isn't an option either because that defeats the purpose of why you have an HSM anyway.

Security is hard, PKI is even harder.

I also personally believe identity online should be transient. Getting locked out of your identity should be as simple to fix as creating a new identity.

> is certainly more secure than every company implementing a bespoke auth system.

That's certainly what they want you to think. But hooking into a system where every support engineer's full contact info (and every other employee besides) is already leaked to hackers to do all the social engineering/extortion they might want, is faaaaarrrrr more insecure than using some trusted crypto primitives to validate a password, or send an email.

If you can get away with it, just email magic links or bog standard username/password that everyone knows and every credential manager can trivially incorporate with. If you need SSO (for your big enterprise contract to go through), the story is a bit different because in all likelihood every other thing they interface with is already using Okta, but that doesn't mean you must use them too.

> Also, there are super strong incentives to hack Okta, so naturally more people will try to hack Okta.

Why would you purposefully pick such a massive target? Especially one that is currently compromised, and can't even be trusted to protect themselves? Just last month hackers got all the personal information of all Okta employees.

There are enough solid systems (such as keycloak) that implement standard mechanisms (such as OAuth2 or OIDC) that using a service that continually has issues (as noted by the gp) should be justified, not assumed (having an SSO system should not be conflated with a specific provider).