The Security and Efficiency of Single Sign-On (SSO)

  • March 30, 2021
  • Author: Matthew

You may have heard the term SSO before, but what does it mean?

What is SSO?

SSO is short for Single Sign-On. It’s a service that allows you to access multiple sites or services with the same login. 

If you’ve ever gone to a website and been given the option to log in with Google or Yahoo, that’s SSO. 

Even if you haven’t used that feature, you’ve probably used SSO before. When you login to Gmail with your credentials, and then open YouTube, you don’t have to type in your credentials again, right? That’s also SSO!

We’ll explain exactly how it works later in the post, but for now let’s look at the alternatives – the ways that people usually deal with their login credentials.

2 main ways to manage passwords without SSO

Most of us use a lot of different online services in our day-to-day life. And with those accounts come a bunch of sets of login credentials that we have to remember. 

As they add up, it gets tough to remember them all. Without using SSO, there are a couple of ways to deal with this issue.

1. Single set of credentials

If you have trouble remembering a bunch of unique passwords, you may be tempted to simply stick with the same username and password for every site. 

While this can be dangerous, you can always make sure you never tell anyone or let them see your screen, and then you’re all good, right?

Wrong! Even if you never let a single person see your password, there’s another security risk: the websites you visit. 

Some sites are simply insecure and don’t have much protection, leaving them vulnerable to hackers. And other sites are intentionally designed to gain access to your credentials as soon as you create an account, and either sell them or use those credentials to get into your accounts on other, more important sites. 

Using identical sets of credentials for multiple sites, while time-efficient, is extremely dangerous and not worth the risk if you care about your sensitive info.

2. Different set of credentials for every site

Some people have a great memory or find clever ways to remember a bunch of different passwords, and using unique credentials for every site can work for them. 

But even if you’re one of those people, your email address poses a risk. If you’re using the same email for every account and a hacker gets access to just those email credentials, they can request password resets for every connected account and gain access that way.

And if you create a bunch of emails, that’ll simply end up becoming a massive time sink and a headache to keep track of.

This is where the simplicity and security of SSO comes in.

But isn’t Single Sign On the same as using a single set of credentials?

While you are technically using a single set of credentials, SSO is far more secure than simply using the same email and password.

How SSO works

With SSO, there are three main participants in the login process.

  1. You, the user
  2. The website you’re trying to log into, the service provider
  3. The server where all credentials are stored, the identity provider 

(the identity provider is hosted by the SSO service, not the websites you log in to.)

Logging in via SSO is a simple process:

  1. The user connects to the service provider (visits the website)
  2. The service provider asks the identity provider for verification
  3. The user is directed to the identity provider and enters their set of SSO credentials
  4. The identity provider sends a verification to the service provider
  5. The service provider gives the user access to the service (User gets into the website)

With this system, the website itself doesn’t get access to any credentials. It just asks for an okay from the identity provider, and once it gets that okay, it lets you in.

Since you’re not giving the website itself any credentials, you’re safe from malicious websites that want to steal your passwords. Even if a site you log into is hacked, your info is safe and secure.

The most secure and efficient way to log in to any account

As the influence of technology grows more and more in our daily lives, the number of credentials we have to use grows with it. Use SSO and skip the headache. 

For more info, get in touch with us today!

Related posts

10 Reasons Hosted Phone is the Best Choice for Your Healthcare Business

For small clinics, large hospitals, pharmacies, labs, and all other healthcare businesses, efficiency and reliable communications are crucial for success and the safety and health of your patients.  That’s why a hosted phone system is the best choice for your healthcare business. This advanced communications solution allows healthcare professionals to combine digital and physical interactions […]

Read more

How to Choose the Best Video Conferencing Solution for Your Business

As remote work becomes an essential part of the modern workplace, the best video conferencing solution for your business will facilitate productivity rather than hamper it. The right video conferencing solution will empower users and reduce the burden on your IT department. It facilitates:  Internal project collaboration – Your teams can connect easily and from […]

Read more

Meet Mark

Mark Atkinson Previous Experience:  Largely sales focused, I owned several small businesses in Ontario. Since living in Alberta, I’ve held a Business Development position with Philip Morris International and Director of Sales ~ Western Canada for Canada’s leading LIVE Events SaaS provider, AudienceView. Certifications:  Sales Professional Certification with InBev Full Certification with UnitedCloud First Aid/CPR? […]

Read more