by Terretta
505 days ago
Same for OIDC (and even traditional SAML SSO). If every stolen or potentially stolen credential was billed to the breached provider at even $100/account*, SSO would become free so fast your head would spin. Every credential in the provider's DB would be correctly seen as a liability.

* Arguably the number should be higher and contribute to an infosec response, detection, and preventative measures war chest. Though, ultimately, this would probably just enrich cybersecurity insurance firms.

Another example is Microsoft charging extra for enhanced logging. This came to light during the SolarWinds debacle.