What is Single Sign-On? What are the many forms of Single Sign-On? How can you implement it in your IT environment and your identity management platform?
At its core, Single Sign-On allows a user to log into one system and receive access to other services. This proves especially relevant to enterprises since employees often need to access multiple services at once to conduct and complete their everyday workflows; every required log-in takes time and a password. With every password comes the increased chance of passwords being stolen on the one hand and being forgotten (and wasting time in recovery) on the other.
Google’s services serve as an excellent example; your Google credentials give you access to Gmail, Google Drive, YouTube, and many other tools and services at once.
But this isn’t a one-size-fits-all tool. There are many forms of Single Sign-On. To learn more, we consulted “The Definitive Guide to Single Sign-On,” a whitepaper published by Auth0 as part of its Identity White Paper Bundle. Here’s what we gleaned about this unique tool in authentication.
The Many Forms of Single Sign-On
Username and Password
You should know this one by heart; in fact, we’d wager that you’ve used this method of authentication multiple times today. However, username and password combinations remain tricky to fortify securely and to maintain via a consistent cybersecurity policy. There are far too many ways hackers can and will find the passwords and exploit them.
If you do want to pursue this method, Auth0 advises using tools and policies that enhance password security, including vaults, rotation, and password-creation rules that supplement strong passwords.
Another of the many forms of Single Sign-On involves social login; essentially, this allows login via already existing accounts on other sites. Its name comes from how users can authenticate themselves via social media platforms like Facebook and Twitter; if you can log in there, you can log into work, so the logic goes.
This particular form of Single Sign-On is incredibly popular as a form of customer identity and access management (CIAM) as it facilitates the authentication process and gets customers to finish their shopping faster; customers express appreciation for this type of user experience.
However, this does leave your authentication in the hands of a third party, which can feel precarious at the best of times.
The latest in authentication innovations, passwordless only asks for a username at the initial login stage. Once that is verified, it sends a one-time password via email, SMS, or a dedicated app. Once the user provides this one-time password, they are authorized. This does away with the traditional problems of passwords, as it removes their vulnerability to guessing or cracking via conventional means.
Multifactor Authentication (MFA)
Of course, why let a single factor dictate your authentication and Single Sign-On? You could also implement a multifactor authentication program, which asks for multiple pieces of identification before authorizing. These can be active factors like biometrics and tokens, or passive like location and time of access request. The more factors between the user and the IT environment, the less likely hackers can gain malicious access.
All of that and more is in “The Definitive Guide to Single Sign-On,” a whitepaper published by Auth0 as part of its Identity White Paper Bundle. You can download it now, and check out the Solutions Review Suggestion Engine and Buyer’s Guide.