Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
fidotron 4 hours ago

The one that amazes me is Okta.

OK their Mac UX is great, but given their rate of incidents how can you trust it?

Clearly this stuff is not actually bought based on track record.

jordanb 4 hours ago | parent | next [-]

Funny I used to work in an org with Okta.

Having your own auth workflow was instant fail with the well architected framework committee. Using Okta was instant pass.

I don't necessarily disagree with that policy but given that Okta was breached several times while I was working there, it was interesting the extent to which our CSO had blinders about it.

eddieroger 3 hours ago | parent [-]

Liability is the answer! If you build an auth system and it fails, it's your backside. If Okta fails, it's theirs. Enterprises buy products as much as they buy protection from problems.

PunchyHamster 2 hours ago | parent [-]

They don't offer any meaningful reimbursement if they lose your data so what does that matter ?

dust-jacket 2 hours ago | parent | next [-]

Some of its about sharing the pain.

e.g. when Crowdstrike takes down Windows across the worlds or AWS east coast falls over everybody hurts. At that point the story is easy, you point at the broken thing, mumble something about improving resilience, and everyone just moves on.

Roll your own system and have it taken down / breached specifically? There's noone to point at. It's hard to make the narrative anything except it being your fault.

simonra 2 hours ago | parent | prev [-]

You have (the perception of having) someone to forward the claim to once you're hit by one where the damages are quantified in money like a life insurance or disability payout caused by the data loss?

lowdude 4 hours ago | parent | prev [-]

As someone that is not really in the game, does Okta have such a bad track record, and are there alternatives that are considered solid? From the outside, it seemed like EntraID is a bit of a burning dumpster fire, while Okta seemed expensive, but usable and decent (from comments I read)

mrhottakes 4 hours ago | parent [-]

The current default for lazy enterprise customers seems to be an unholy tangle of Active Directory, Entra, and Okta. If you use all three it's 3x more secure, right?

Avicebron 3 hours ago | parent [-]

Okta I get, Entra I sort of get. But AD is great.