Okta, one of the most widely used providers of a single-sign-on service, or SSO, recently revealed a major security flaw that was fixed at the end of October. The vulnerability affected any account with a username 52 characters or longer. At that length, the service would simply skip the password check.