The Security and Efficiency of Single Sign-On (SSO)

  • March 30, 2021
  • Author: Matthew

You may have heard the term SSO before, but what does it mean?

What is SSO?

SSO is short for Single Sign-On. It’s a service that allows you to access multiple sites or services with the same login. 

If you’ve ever gone to a website and been given the option to log in with Google or Yahoo, that’s SSO. 

Even if you haven’t used that feature, you’ve probably used SSO before. When you login to Gmail with your credentials, and then open YouTube, you don’t have to type in your credentials again, right? That’s also SSO!

We’ll explain exactly how it works later in the post, but for now let’s look at the alternatives – the ways that people usually deal with their login credentials.

2 main ways to manage passwords without SSO

Most of us use a lot of different online services in our day-to-day life. And with those accounts come a bunch of sets of login credentials that we have to remember. 

As they add up, it gets tough to remember them all. Without using SSO, there are a couple of ways to deal with this issue.

1. Single set of credentials

If you have trouble remembering a bunch of unique passwords, you may be tempted to simply stick with the same username and password for every site. 

While this can be dangerous, you can always make sure you never tell anyone or let them see your screen, and then you’re all good, right?

Wrong! Even if you never let a single person see your password, there’s another security risk: the websites you visit. 

Some sites are simply insecure and don’t have much protection, leaving them vulnerable to hackers. And other sites are intentionally designed to gain access to your credentials as soon as you create an account, and either sell them or use those credentials to get into your accounts on other, more important sites. 

Using identical sets of credentials for multiple sites, while time-efficient, is extremely dangerous and not worth the risk if you care about your sensitive info.

2. Different set of credentials for every site

Some people have a great memory or find clever ways to remember a bunch of different passwords, and using unique credentials for every site can work for them. 

But even if you’re one of those people, your email address poses a risk. If you’re using the same email for every account and a hacker gets access to just those email credentials, they can request password resets for every connected account and gain access that way.

And if you create a bunch of emails, that’ll simply end up becoming a massive time sink and a headache to keep track of.

This is where the simplicity and security of SSO comes in.

But isn’t Single Sign On the same as using a single set of credentials?

While you are technically using a single set of credentials, SSO is far more secure than simply using the same email and password.

How SSO works

With SSO, there are three main participants in the login process.

  1. You, the user
  2. The website you’re trying to log into, the service provider
  3. The server where all credentials are stored, the identity provider 

(the identity provider is hosted by the SSO service, not the websites you log in to.)

Logging in via SSO is a simple process:

  1. The user connects to the service provider (visits the website)
  2. The service provider asks the identity provider for verification
  3. The user is directed to the identity provider and enters their set of SSO credentials
  4. The identity provider sends a verification to the service provider
  5. The service provider gives the user access to the service (User gets into the website)

With this system, the website itself doesn’t get access to any credentials. It just asks for an okay from the identity provider, and once it gets that okay, it lets you in.

Since you’re not giving the website itself any credentials, you’re safe from malicious websites that want to steal your passwords. Even if a site you log into is hacked, your info is safe and secure.

The most secure and efficient way to log in to any account

As the influence of technology grows more and more in our daily lives, the number of credentials we have to use grows with it. Use SSO and skip the headache. 

For more info, get in touch with us today!

Related posts
Image

UnitedCloud will be Exhibiting at ITech Conference 2021

We’re pleased to announce that UnitedCloud will be at the ITech IT live conference in Toronto!  ITech is Toronto’s leading IT conference and exhibition. It’s a great networking opportunity, and it keeps industry leaders up to date on the latest trends. Demonstrations, keynotes, and workshops are hosted throughout the conference, so there’s plenty to learn.  […]

Read more
Image

6 Reasons your Car Dealership can Grow with a Hosted Phone Solution

If you’re running a car dealership and using a traditional phone system, you could be missing out on plenty of opportunities. Seeing as effective communication is key to success in this industry, a hosted phone system cuts costs and opens doors for your business to grow and expand beyond what your old system would allow. […]

Read more
Image

Why a White Label Communications Solution?

White labelling is a great business strategy that can save you on time, expensive investment costs and present you with a polished product, ready to sell. Ever wanted to skip the tedious aspects of offering a product and just focus on sales?  That’s exactly what white labelling does for you. What is White Labelling? Before […]

Read more