Have you noticed a new option cropping up recently on your familiar login screens? Alongside the usual username and password prompts, you may have an invitation to use Single Sign On.
What is Single Sign On?
Basically, it is what it says on the tin. It is one unified authentication service giving you access to several applications with one login.
Why would you bother using it?
Instead of having to log in separately to the applications you use regularly, one secure login gives you access to a whole suite of programs. For example, you could log into Gmail and then have permission to access the other Google features: Google Drive, Google Docs, YouTube, Google Analytics … You get the picture.
– This should encourage better productivity. You don’t have to spend half of the day logging in and out of applications.
– It has strong security as the initial sign-in is verified with authentication.
– It reduces “password fatigue”. No more having to remember multiple passwords and being forced to change them regularly. It will also remove the temptation to stick to simple, memorable (and hackable) passwords if you are trying to manage your passwords without a tool such as Dashlane or LastPass.
– You only have to go through the painful and cumbersome MFA (multi-factor authentication) process once.
– Your business will find it easier to comply with statutory security requirements.
– It’s not just for business; your social accounts can also be protected with Single Sign On.
In short, it should lead to a better user experience – not something that is often said about computer security!
Are there any downsides?
When you simply have one sign-on, it’s like putting all your eggs in one basket. There is a security risk of one password granting admittance to a whole range of apps. The mitigating factor is MFA; SSO tends to enforce enhanced security setups.
SSO can be more complicated to use than an old-fashioned username and password. If you forget how to login, you could find yourself in a world of pain where you face total lockout, not just from one system but from everything you use in your daily work. In reality there should be an option to reset your password, so all is not lost.
Obviously, you won’t be able to use SSO if the software your company uses does not offer the feature!
Should you use it?
If the option is there, it sounds like a good feature to use. Indeed you may find that the software vendor will start promoting Single Sign On ahead of your conventional login and eventually it could become compulsory.
If you are unsure about this or any other IT security features, talk to your local Computer Troubleshooters for explanations and advice.
Stay safe! Signing off for now!