The Advantages and Disadvantages of Single-Sign-On (SSO) Technology (mini-whitepaper)

Overview

Single-Sign-On (SSO) is a user-authentication process, in which the user signs in to one screen name, and it makes multiple applications or websites unlocked or logged-in. Usually, the system will have conditional measures that will know what a certain user has access to, permissions, etc., and be able to provide the services. Now, the question brought to attention is, what are the advantages and disadvantages of single-sign-on?

Advantages

• In the healthcare industry, it could be booming with single-sign-on. If a doctor were to need to sign-on to a database to access a patient’s files, he/she would also have to access x-rays, and other data that would be on a different application. Having a single-sign-on for all that would be life-saving and totally worth it. Not only that, but hours of saved time.
• Apps such as OneLogin provide easy-access to tons of accounts across the board, particularly social media. It says on their site that they are supporting “identity & access management for the cloud”.
• Could work wonders for those with disabilities. Having a disability may limit you from typing a lot of words at one time, or typing fast enough. If a single-sign-on system were in place, one login means much saved time.
• Reduces the chance of forgetting your password. By having your one-set master password, it will be a lifesaver to not have to remember a ton of passwords.
• Reduces IT help desk costs, by reducing the number of calls to the help desk about lost password.
• Newer technologies are being implemented to help detect the attempt to hack a certain system, in which it would lock out the hacker from the remaining systems. But, this has more studying to prove how good it works.

Disadvantages

• Vulnerability problems, such as with authentication, privacy keys, etc.
• The lacking of a backup stronger authentication, such as smart cards or one-time password tokens.
• The SSO is a highly-critical tool to keep up always. If the SSO goes out, the user would lose access to all sites.
• It would be critical to have a good password, one that is very hard to crack. With the reduction of accounts, particularly the fact that SSO is in play, it’ll be easier to find and hack accounts. Once the SSO account is hacked, all others under that authentication are hacked as well.
• SSO is bad news for a multi-user computer, especially if the user stays logged in all the time. This is more prevalent of an issue in plant operations, business floors, etc. where multiple users can access the computer (if the original user left their desk).

Examples of current implementations

• Log-in with Facebook
• Log-in with Twitter
• Log-in with Linked-In or Apply with Linked-In
• OneLogin
• ANGEL Learning Systems

And many more.

Worth reading: Building and implementing a SSO solution

Conclusion

Overall, the usage of SSO systems are good and bad. Based on your organization or personal life, it is your choice on whether to use it or not. Based on how potentially problematic it may be, you will have to be on your toes about a lot of it. But, I guess the time you save trying to figure out or remember your passwords, you can spend on staying guard for SSO systems.

 

Get the review of Malwarebytes’ Anti-Malware

 

If this has saved you money or your organization money, or potentially provides savings, please donate to further our cause.