Single Sign-On (SSO)

FAQs

• Where is SSO used?

  Single Sign-On (SSO) authentication systems are mostly deployed in enterprise environments where employees need access to several applications/websites of their organization.

  

• Is SSO related to Active Directory?

  AD and SSO are quite distinct. One is the authoritative source of identities, otherwise known as an on-prem directory service, while the other is a cloud-based service. The latter uses a web app identity extension point solution to merge identities from a core directory to web applications.

• Is SSO a security risk?

  Like any access, SSO also has implied security loopholes. Fortunately, implementing additional controls, such as multi-factor authentication (MFA) and session management, can minimize the associated risks. However, you must accurately identify the dangers associated with SSO to find and implement a highly secured protocol.

• How do I test SSO login?

  You must test SSO to detect configuration problems. For this:
  – Navigate to the user page and open the SSO configuration tab
  – Click test on the “test your SSO” Section.

• Is SSO considered 2FA?

  SSO simply allows users to access their resources with a single authentication procedure. In contrast, a two-factor authentication deploys two verification methods to authorize login attempts, whereas MFA utilizes two or more methods.

• Why is SSO not secure?

  SSO has both adverse and favorable consequences. Accessing multiple platforms with a single set of credentials is indeed convenient, but from a security point of view, it can be a matter of concern. If a hacker gains access to the credentials, the security of all the associated accounts will be compromised.