How can you tell that these subdomains are legitimate? Any URL \*.okta.com resol... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		frays on March 22, 2022 \| parent \| context \| favorite \| on: Hackers claim to have breached Okta systems How can you tell that these subdomains are legitimate? Any URL *.okta.com resolves and loads an Okta login screen but doesn't mean it's an actual customer. For example, https://fake-ycombinator.okta.com works and shows the same login screen as https://pets.okta.com/. But only the latter is on the list, how do you know it's a legitimate customer?

xeromal on March 22, 2022 [–]

Not saying that their process is right, but I searched for 3 small companies that I know are running with Okta and found them in this list.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact