Sso

🟡 Medium | Source: The Hacker News Many organisations issue temporary passwords during employee onboarding that are shared over insecure channels such as email or SMS, and often never changed. These credentials can persist indefinitely, be reused across multiple accounts, and represent an easily exploitable entry point for attackers. The risk is compounded at scale, as every new hire represents a potential window of exposure if the process is not tightly controlled. ...