The Security and Efficiency of Single Sign-On (SSO)

  • March 30, 2021
  • Author: Keith Young

You may have heard the term SSO before, but what does it mean?

What is SSO?

SSO is short for Single Sign-On. It’s a service that allows you to access multiple sites or services with the same login. 

If you’ve ever gone to a website and been given the option to log in with Google or Yahoo, that’s SSO. 

Even if you haven’t used that feature, you’ve probably used SSO before. When you login to Gmail with your credentials, and then open YouTube, you don’t have to type in your credentials again, right? That’s also SSO!

We’ll explain exactly how it works later in the post, but for now let’s look at the alternatives – the ways that people usually deal with their login credentials.

2 main ways to manage passwords without SSO

Most of us use a lot of different online services in our day-to-day life. And with those accounts come a bunch of sets of login credentials that we have to remember. 

As they add up, it gets tough to remember them all. Without using SSO, there are a couple of ways to deal with this issue.

1. Single set of credentials

If you have trouble remembering a bunch of unique passwords, you may be tempted to simply stick with the same username and password for every site. 

While this can be dangerous, you can always make sure you never tell anyone or let them see your screen, and then you’re all good, right?

Wrong! Even if you never let a single person see your password, there’s another security risk: the websites you visit. 

Some sites are simply insecure and don’t have much protection, leaving them vulnerable to hackers. And other sites are intentionally designed to gain access to your credentials as soon as you create an account, and either sell them or use those credentials to get into your accounts on other, more important sites. 

Using identical sets of credentials for multiple sites, while time-efficient, is extremely dangerous and not worth the risk if you care about your sensitive info.

2. Different set of credentials for every site

Some people have a great memory or find clever ways to remember a bunch of different passwords, and using unique credentials for every site can work for them. 

But even if you’re one of those people, your email address poses a risk. If you’re using the same email for every account and a hacker gets access to just those email credentials, they can request password resets for every connected account and gain access that way.

And if you create a bunch of emails, that’ll simply end up becoming a massive time sink and a headache to keep track of.

This is where the simplicity and security of SSO comes in.

But isn’t Single Sign On the same as using a single set of credentials?

While you are technically using a single set of credentials, SSO is far more secure than simply using the same email and password.

How SSO works

With SSO, there are three main participants in the login process.

  1. You, the user
  2. The website you’re trying to log into, the service provider
  3. The server where all credentials are stored, the identity provider 

(the identity provider is hosted by the SSO service, not the websites you log in to.)

Logging in via SSO is a simple process:

  1. The user connects to the service provider (visits the website)
  2. The service provider asks the identity provider for verification
  3. The user is directed to the identity provider and enters their set of SSO credentials
  4. The identity provider sends a verification to the service provider
  5. The service provider gives the user access to the service (User gets into the website)

With this system, the website itself doesn’t get access to any credentials. It just asks for an okay from the identity provider, and once it gets that okay, it lets you in.

Since you’re not giving the website itself any credentials, you’re safe from malicious websites that want to steal your passwords. Even if a site you log into is hacked, your info is safe and secure.

The most secure and efficient way to log in to any account

As the influence of technology grows more and more in our daily lives, the number of credentials we have to use grows with it. Use SSO and skip the headache. 

For more info, get in touch with us today!

Related posts
Image

How to Cut Down on Costs in Hospitality with a Cloud Based Phone System

As a result of increasing gas prices and the economic downturn experienced at a global scale, the cost of travel and hospitality services continue to increase rapidly. Consequently, hospitality services and businesses have taken a hit in revenue and expenses. During these times, hospitality businesses have been forced to examine ways in which they can […]

Read more
Image

Meet Michelle

Previous Experience: “Many administration roles, journalism and politics” What do you like most about UnitedCloud? “Although we are a small team, I feel that we are a close knit group that work well together and although taking our work seriously, we still have fun together and have each other’s backs.” What hobbies and interests do […]

Read more
Image

Meet William

Previous Experience: 15 years of systems admin. Certification(s): A+, Network +, ITIL Foundations, Sip School Elite What do you like most about UnitedCloud? “Being part of a close knit team.” What hobbies and interests do you have outside of work? “MMA, golf and cars” What were you like at the age of 10? “Creepy little […]

Read more