The Security and Efficiency of Single Sign-On (SSO)

  • March 30, 2021
  • Author: Matthew

You may have heard the term SSO before, but what does it mean?

What is SSO?

SSO is short for Single Sign-On. It’s a service that allows you to access multiple sites or services with the same login. 

If you’ve ever gone to a website and been given the option to log in with Google or Yahoo, that’s SSO. 

Even if you haven’t used that feature, you’ve probably used SSO before. When you login to Gmail with your credentials, and then open YouTube, you don’t have to type in your credentials again, right? That’s also SSO!

We’ll explain exactly how it works later in the post, but for now let’s look at the alternatives – the ways that people usually deal with their login credentials.

2 main ways to manage passwords without SSO

Most of us use a lot of different online services in our day-to-day life. And with those accounts come a bunch of sets of login credentials that we have to remember. 

As they add up, it gets tough to remember them all. Without using SSO, there are a couple of ways to deal with this issue.

1. Single set of credentials

If you have trouble remembering a bunch of unique passwords, you may be tempted to simply stick with the same username and password for every site. 

While this can be dangerous, you can always make sure you never tell anyone or let them see your screen, and then you’re all good, right?

Wrong! Even if you never let a single person see your password, there’s another security risk: the websites you visit. 

Some sites are simply insecure and don’t have much protection, leaving them vulnerable to hackers. And other sites are intentionally designed to gain access to your credentials as soon as you create an account, and either sell them or use those credentials to get into your accounts on other, more important sites. 

Using identical sets of credentials for multiple sites, while time-efficient, is extremely dangerous and not worth the risk if you care about your sensitive info.

2. Different set of credentials for every site

Some people have a great memory or find clever ways to remember a bunch of different passwords, and using unique credentials for every site can work for them. 

But even if you’re one of those people, your email address poses a risk. If you’re using the same email for every account and a hacker gets access to just those email credentials, they can request password resets for every connected account and gain access that way.

And if you create a bunch of emails, that’ll simply end up becoming a massive time sink and a headache to keep track of.

This is where the simplicity and security of SSO comes in.

But isn’t Single Sign On the same as using a single set of credentials?

While you are technically using a single set of credentials, SSO is far more secure than simply using the same email and password.

How SSO works

With SSO, there are three main participants in the login process.

  1. You, the user
  2. The website you’re trying to log into, the service provider
  3. The server where all credentials are stored, the identity provider 

(the identity provider is hosted by the SSO service, not the websites you log in to.)

Logging in via SSO is a simple process:

  1. The user connects to the service provider (visits the website)
  2. The service provider asks the identity provider for verification
  3. The user is directed to the identity provider and enters their set of SSO credentials
  4. The identity provider sends a verification to the service provider
  5. The service provider gives the user access to the service (User gets into the website)

With this system, the website itself doesn’t get access to any credentials. It just asks for an okay from the identity provider, and once it gets that okay, it lets you in.

Since you’re not giving the website itself any credentials, you’re safe from malicious websites that want to steal your passwords. Even if a site you log into is hacked, your info is safe and secure.

The most secure and efficient way to log in to any account

As the influence of technology grows more and more in our daily lives, the number of credentials we have to use grows with it. Use SSO and skip the headache. 

For more info, get in touch with us today!

Related posts
Image

What are Desktop Softphones and How Can They Add Value to Your Business?

Before we get started, let’s define what a softphone is. The term softphone is a combination of the words “software” and “phone” – and that’s exactly what it is. A desktop softphone is an application for your desktop computer that allows you to make calls over the internet, rather than using a traditional phone line. […]

Read more
Image

Text-to-Speech Technology: 6 Ways it can Improve Your Business

Text-to-speech seems like a simple tool, but there are far more benefits to it than most people realize. You can increase the reach of your business, reach out to new people, improve employee training, and make productivity easy with this great service! Accessibility for people with disabilities There are a huge number of people who […]

Read more
Image

Interactive Voice Response: How to use it to its Fullest Potential

IVR, short for “Interactive Voice Response,” is a system that you probably come across often in your day-to-day life.  When you call the local department store, you may be met with a pre-recorded voice that tells you to press a button on your keypad to connect to the department you want. That’s an IVR system.  […]

Read more