Single Sign-On (SSO)
Definition
Single Sign-On (SSO) is an authentication scheme that allows a user to log in with a single set of credentials to multiple independent software systems. With SSO, a user logs in once and gains access to all systems without being prompted to log in again at each of them.
Why It Matters
SSO improves user experience by reducing the number of passwords users need to remember. From a security perspective, it centralizes authentication, allowing for better management of access and easier enforcement of policies like multi-factor authentication.
Contextual Example
An employee logs into their company's identity portal (like Okta or Azure Active Directory) once in the morning. They can then access all their work applications—like email, Slack, and Salesforce—for the rest of the day without having to enter a password for each one.
Common Misunderstandings
- SSO is about convenience and centralized authentication. It doesn't inherently make an account more secure, but it makes it easier to apply strong security measures like MFA across many applications.
- SAML and OAuth 2.0 are common protocols used to implement SSO.