SSO

What is single sign on (SSO)? Definition, characteristics and advantages

30th May 2017

With each passing day we use more systems in our everyday lives, and memorising the complex passwords for each of those systems is a challenge many users face every day. Single Sign On (SSO) may be the solution to this issue. Thanks to it, we are able to access different applications and services with a single identity, and adding and deleting users in our systems will be easier.

What is Single Sign On, and what does it do?

Single Sign On, also known as SSO, allows users to have access to multiple applications by signing in using only one account to different systems and resources. SSO is most useful when there are various systems that can be accessed by using a single password, and we want to prevent repeated access to them each time the user is disconnected from the service. This is highly convenient for users, since, by identifying themselves just once, it is possible to maintain a valid session for the rest of the applications which use SSO.

SSO aims to simplify the user experience on the Internet by completely facilitating session sign-in tasks.

Using the Single Sign On identification system, it is possible to have multiple accesses with a single account; for example, by signing in to Gmail we will have access to its various web applications, such as Google Docs, Google Maps, Google Books, etc.

Single Sign On Features

This authentication procedure facilitates access to different platforms. It also has other important features in regards to simple management, security, ease of use and seamlessness.

Easy management

Using SSO synchronises passwords and user information, which makes access to different platforms and resources easier.

Security

This authentication system improves network and application security. Single Sign On can uniquely identify a user, and it therefore complies with the most demanding safety standards.

Information provided by SSO moves encrypted across the network.

Ease of use

SSO solutions improve the user experience by avoiding the interruptions caused by password requests to access their IT tools.

The user is authenticated once and the system allows him to access the resources for which he is authorised.

Seamlessness

Access to all applications by the user takes place seamlessly due to sign-in automation.

 

Types of Single Sign On

Enterprise Single Sign On (E-SSO)

This type of system works as a primary authentication, intercepting login requests when required by secondary applications in order to fill out the user and password fields. The E-SSO system allows for interaction with other systems that may disable the login screen.

Web single sign-on (Web-SSO)

This type of solution only works with applications which can be accessed through the web, and its goal is the authentication of a user on several applications without the need to get identified again.

Access data is intercepted by a proxy server that performs the communication and then transfers the result to the computer that requested it. Unidentified users are redirected to an authentication service, returning a successful login.

Federated identity

This type of Single Sign On involves an identity management solution that uses standards to enable applications to identify clients without the need for redundant authentication.

Open ID

Open ID is a decentralised SSO process in which the user identity is stored at a URL that any server can verify.

Single Sign On Advantages and Disadvantages 

Advantages

Disadvantages

Streamlines user access to their applications Using a single password increases the chances of password vulnerability
Reduces the load of memorising several passwords When SSO fails, access to all related systems is lost
Easy to implement and connect to new data sources Identity spoofing in user external accesses

For businesses, having an authentication system such as Single Sign On means freeing the user of the burden of remembering several passwords, and also offers significant benefits directly related to efficiency. This reduces calls to technical support or the IT department to solve issues related to password security.