Disclaimer: The risk described in this article applies to ANY website or SaaS platform with a public authentication mechanism that allows using traditional 2FA, such as push approvals or OTP, not just Okta. 📜 Background Story An enterprise client suffers a significant compromise, security teams and organizations with an IAM system