Your Company's Newest Employee Has No Password

Okta CEO Todd McKinnon on why AI agents need identity management, the SaaSpocalypse threat, and why the kill switch might be the most important button in enterprise tech.

Somewhere right now, an employee at a mid-sized company bought a second laptop. Not for travel — to keep their AI agent separate from their work machine. They handed it their corporate email credentials, their Slack login, their Google Drive password, and let it run overnight. It filed reports, scheduled meetings, reviewed pull requests. The security team has no idea.

This is the scenario keeping Todd McKinnon up at night. As co-founder and CEO of Okta — the $14 billion identity platform that manages logins for 20,000 enterprise customers — he went on record at his last earnings call saying he was "paranoid." In a recent wide-ranging interview on The Verge's Decoder podcast, he explained exactly what that paranoia looks like in practice, and why he thinks the answer isn't just a kill switch — it's an entirely new category of security.

The SaaSpocalypse Is Real, Just Not the Way You Think

The tech industry has been buzzing about the "SaaSpocalypse" — the idea that AI coding tools have become good enough that companies will simply build their own software instead of paying monthly SaaS fees. Why pay for Trello when you can vibe-code a Trello in an afternoon?

McKinnon doesn't dismiss the threat. But he draws a sharp line between commodity SaaS and infrastructure software. "You can build the features and functions, but the last thing is to connect it to everything," he said. "Thousands and thousands of different applications, services, and pieces of infrastructure have to be connected to the last mile."

His argument for Okta's resilience rests on three pillars: the sheer complexity of maintaining integrations across a constantly shifting ecosystem; the mission-critical nature of identity software, where 100% uptime isn't a marketing claim but a contractual obligation; and the reputational calculus of enterprise security purchasing. "If you get breached, your board asks what you picked. 'We saved money by building it ourselves' is not a great answer."

That last point is cynical, but it's also accurate. Enterprise security buying decisions are as much about liability transfer as they are about capability. Nobody ever got fired for picking the market leader.

The Real Opportunity: Every Agent Needs a Badge

Where McKinnon gets genuinely animated is the market he thinks nobody has fully mapped yet: AI agent identity management.

The global cybersecurity market runs at roughly $280 billion annually. Identity management is about 10% of that — around $28 billion. McKinnon believes agent identity management could dwarf that number, potentially becoming the single largest category in cybersecurity.

The logic is straightforward once you see it. Salesforce has Agentforce. ServiceNow has agents. Amazon, Microsoft, and Google are all racing to deploy agent platforms. Within a few years, a typical enterprise won't manage dozens of software licenses — it will manage hundreds or thousands of AI agents, each with its own access patterns, data connections, and behavioral footprint.

Right now, there's no standardized way to track what those agents are doing, what they can access, or how to stop them when something goes wrong.

Okta's proposed blueprint has three components. First, register agents as a distinct identity type — what McKinnon calls "somewhere between a person and a system." Agents can be granted roles and permissions like employees, but they can also act on behalf of specific humans or operate entirely autonomously. Second, standardize the connection points between agents and the systems they access, creating an auditable record of what touches what. Third — and this is the one that gets quoted — provide a kill switch.

"It's not pulling the plug on the agent itself," McKinnon clarified. "It's pulling away its connections to everything it can access. Like taking a machine off the network."

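The three-part blueprint and the "pull the connections" kill switch can be modeled in a short Python sketch. This is an added example, not Okta's product or API and not code from the interview; `AgentDirectory`, its methods and the event names are hypothetical.

```python
# Added example: hypothetical in-memory agent directory (all names are assumptions).
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Optional

@dataclass
class Agent:
    agent_id: str
    roles: frozenset
    on_behalf_of: Optional[str] = None  # delegating human; None means autonomous
    suspended: bool = False

@dataclass
class AgentDirectory:
    agents: dict = field(default_factory=dict)
    grants: dict = field(default_factory=dict)  # agent_id -> set of connected resources
    audit: list = field(default_factory=list)   # (time, agent, human, event, resource)

    def _log(self, agent_id, event, resource=None):
        human = getattr(self.agents.get(agent_id), "on_behalf_of", None)
        stamp = datetime.now(timezone.utc).isoformat()
        self.audit.append((stamp, agent_id, human, event, resource))

    def register(self, agent_id, roles, on_behalf_of=None):
        self.agents[agent_id] = Agent(agent_id, frozenset(roles), on_behalf_of)
        self.grants[agent_id] = set()
        self._log(agent_id, "registered")

    def connect(self, agent_id, resource, required_role):
        # Single choke point for connections, so every attempt is recorded.
        agent = self.agents.get(agent_id)
        ok = agent is not None and not agent.suspended and required_role in agent.roles
        if ok:
            self.grants[agent_id].add(resource)
        self._log(agent_id, "connected" if ok else "connect_denied", resource)
        return ok

    def authorize(self, agent_id, resource):
        # Fail closed: unknown agents, suspended agents and revoked grants are denied.
        agent = self.agents.get(agent_id)
        ok = agent is not None and not agent.suspended and resource in self.grants[agent_id]
        self._log(agent_id, "allow" if ok else "deny", resource)
        return ok

    def kill_switch(self, agent_id):
        # Pull the connections; the identity and its audit trail stay in place.
        revoked = sorted(self.grants[agent_id])
        self.grants[agent_id] = set()
        self.agents[agent_id].suspended = True
        self._log(agent_id, "kill_switch", revoked)
        return revoked
```

Registering an agent with `on_behalf_of` set ties every audit tuple to both the agent and the delegating human, which is the attribution that shared-credential use cannot provide.
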
The OpenClaw Moment

McKinnon describes the viral spread of autonomous AI agent usage — the kind where people hand their credentials to an agent running on a separate machine — as "the ChatGPT moment for agents." His tell: at his son's soccer game, non-technical parents were talking about automating their workflows with AI agents.

What made these tools so immediately compelling wasn't that they bypassed security systems. It's that they didn't need to. They just acted like humans — clicking, logging in, navigating interfaces. From the perspective of most security infrastructure, they were indistinguishable from the person whose credentials they held.

This is the gap Okta is trying to close. Not by making agents less capable, but by making their activity legible and reversible.

The Stakeholder Divide

Not everyone sees this the same way.

For enterprise security teams, McKinnon's framework is appealing precisely because it doesn't require them to say no to AI adoption. Instead of blocking agents, they can instrument them. The kill switch is a relief valve, not a prohibition.

For the big platform vendors (Microsoft, Salesforce, Google), the calculus is more complicated. Each has strong incentives to keep their agents operating within their own ecosystems. McKinnon acknowledged this directly, predicting that as multi-silo agents become common, platform vendors will charge "massive access fees" for cross-system agent activity. He went further than most enterprise CEOs typically do, invoking antitrust: "If the market doesn't work, customers can't force the choice. Then we have to rely on regulators."

For individual employees, the picture is murkier. McKinnon believes there will be more software engineers in five years, not fewer — the argument being that AI-generated code creates more software that needs to be maintained, scaled, and understood. But he also noted that no one has yet maintained an agentically-developed system for five years. The skills required don't fully exist yet.

For privacy advocates, the identity digitization trend McKinnon described — mobile driver's licenses, digital passports, biometric authentication — cuts both ways. It could make it easier to prove you're a real person online and harder for AI-powered fraud to impersonate you. It also means more of your identity infrastructure running through centralized, hackable systems.

The Deeper Question Nobody's Answering

Beneath the product roadmap and market sizing is a more unsettling question that McKinnon touched on without fully resolving.

He described companies as eager to "take the labor budget and divert it into the technology budget." The efficiency gains are real. But when an AI agent does the work a junior analyst used to do, the analyst isn't just displaced — they also never develop the judgment that comes from doing that work. McKinnon's optimistic counterargument is that new, harder problems will emerge that require human expertise. The less optimistic reading is that we're systematically eliminating the training ground for that expertise.

The software industry itself is a case study. Okta was built by engineers who learned by building things that broke, debugging systems under pressure, and accumulating scar tissue from production incidents. If the next generation of engineers primarily supervises AI-generated code, what kind of engineers do they become — and what happens when the AI gets something catastrophically wrong?

McKinnon's answer — that computer science education will evolve, just as it moved from assembly language to high-level languages — is probably right in the long run. The question is whether the transition is managed or chaotic.

This content is AI-generated based on source articles. While we strive for accuracy, errors may occur. We recommend verifying with the original source.
