Okta used to allow login bypass for any usernames with 52+ characters. 

This vulnerability was resolved in Okta's production environment on October 30, 2024

See more: 
https://trust.okta.com/security-advisories/okta-ad-ldap-delegated-authentication-username/

#cybersecurity