We’re making a significant upgrade to our user authentication service, moving from our current central authentication service to a new, more robust Okta-based authentication service. This change is designed to enhance your experience with improved consistency, security, and scalability across all Bugcrowd services.
The move to Okta will bring several key benefits:
- Faster Features Delivery: Our new system will allow us to deliver new authentication features at a quicker pace.
- Enhanced Security: We’re always striving to keep your accounts safe, and this upgrade brings even stronger security measures.
- Scalability: As Bugcrowd grows and adds more services and platforms, this new system will scale effortlessly.
Key Changes to Your User Experience Post-Upgrade
While the migration itself is designed to be seamless, there are a few important changes to be aware of once you’re on the new authentication service:
- User Login URL Has Changed: The new hacker user login URL will be login.hackers.bugcrowd.com, please update your bookmarks. During and after migration, the old URL for authentication identity.bugcrowd.com will redirect the users to the new login URL
- Revoke All Active User Sessions: The new authentication service will show you all your active sessions, but it only supports revoking all active sessions, not individual ones.
- User Account Lockout: If your account gets locked, you’ll receive an email with an “Unlock account” link. You can also click the “Unlock” link directly on the login page. If you don’t take any action, your account will also automatically unlock after one hour.
Upgrade Timeline
We’ll be rolling out this upgrade in phases starting November 2025. We’re working to make this transition as smooth as possible for everyone.
What to Expect During the Upgrade
All users will be seamlessly migrated to the new Okta-based authentication services.
- A week before the upgrade until your upgrade date: You’ll see a banner when you log in with information about the upgrade
- On upgrade date and onwards until you logout or your session expires: A migration banner will appear, prompting you to log out and directing you to the new authentication service.
- Passwords and MFA: your existing password and MFA will be migrated automatically. No action is required on your part.
We’ve taken great care to make this upgrade process simple and minimize any actions required from your end. If you have any questions, please don’t hesitate to reach out to the Bugcrowd Support team.
