jonathaneunice 8 hours ago

> I was pretty appalled to see such a basic mistake from a security company, but then again it is Okta.

Oh. Em. Gee.

Is this a common take on Okta? The article and comments suggest...maybe? That is frightening considering how many customers depend on Okta and Auth0.

parliament32 8 hours ago | parent | next [-]

We evaluated them a while ago but concluded it was amateur-hour all the way down. They seem to be one of those classic tech companies where 90% of resources go to sales/marketing, and engineering remains "minimum viable" hoping they get an exit before anyone notices.

kenhwang 7 hours ago | parent [-]

I'm convinced Okta's entire business model is undercutting everyone with a worse product with worse engineering that checks more boxes on the feature page, knowing IT procurement people aren't technical and think more checkboxes means it's better.

Y_Y 6 hours ago | parent | prev | next [-]

Okta sucks balls. That's from my perspective as a poor sod who's responsible for some sliver of security at this S&P listed megacorp that makes its purchasing decisions based on golf partners.

SAI_Peregrinus 7 hours ago | parent | prev | next [-]

Yep. They're an Enterprise™ company. That means they prioritize features purchasing departments want, not functionality.

swiftcoder 6 hours ago | parent | prev | next [-]

Yeah, I have the misfortune of inheriting a SaaS that built on auth0, and the whole stack is rather clownish. But they tick all the regulatory boxes, so we're probably stuck with them (until they suffer a newsworthy breach, at any rate...)

lq9AJ8yrfs 4 hours ago | parent | prev | next [-]

Among the reasons to leave my last job was a CISO and his minion who insisted spending $50k+ on Okta for their b2b customer and employee authentication was a bulletproof move.

When I brought it up, they said they didn't have anyone smart enough to host an identity solution.

They didn't have anyone smart enough to use Okta either. I had caught multiple dealbreakers-for-me, such as dubious / conflicting config settings resulting in exposures, actual outages caused by forced upgrades, not to mention their lackluster responses to bona fide incidents over the years.

I use Authentik for SSO in my homelab, fwiw.

hi_hi 5 hours ago | parent | prev | next [-]

We've recently moved to Auth0. I'm no security expert. What's the recommended alternative that provides the same features and price, but without the risks suggested here?

mooreds 3 hours ago | parent | next [-]

Heya, I work for FusionAuth. We have a comparable product for many use cases.

Happy to chat (email in profile), or you can visit our comparison page[0] or detailed technical migration guide[1].

0: https://fusionauth.io/compare/fusionauth-vs-auth0

1: https://fusionauth.io/docs/lifecycle/migrate-users/provider-...

grinich 3 hours ago | parent | prev | next [-]

If you’re looking for b2b identity, I’m the founder of WorkOS and we power this for a bunch of apps. Feel free to email me, mg@workos.com

catlifeonmars an hour ago | parent [-]

We use WorkOS to support some of our offerings but not for our own corporate identity/authentication. I’m not close to the project so I don’t have experience using WorkOS but definitely curious about replacing Okta.

Exoristos 5 hours ago | parent | prev [-]

It's not difficult to implement OAuth2. There are good libraries, and even the spec is not complicated. Or use AWS Cognito.

pm90 4 hours ago | parent | prev [-]

Okta is the worst. Their support is the worst (we always got someone overseas who only seemed to understand anything, probably they were trained on some corpus) and would take forever to loop in anyone that could actually help.