Inherent security flaws of single-sign-ons


Published in SC Media by Raz Rafaeli on September 6 2017

With the 2017 workplace taking its toll on the modern employee, you can’t blame workers – and the people who manage them, themselves feeling the squeeze – for trying to take a few shortcuts when it comes to logging onto systems.


That explains the popularity of identity management single sign-on solutions – where users can register all their accounts in a “clearinghouse,” and use a single password to gain access to all their accounts and services. Besides saving time, SSOs save users from “password rage” as well, as they no longer need to remember dozens of passwords – or remember to change them on a regular basis, as many employers require to ensure maximum security. Identity management SSO solutions such as OneLogin, SecureLogin, Imprivata OneSign, PortalGuard, and others have become quite popular of late – with good reason.

In order to pull this off, security has to be top-notch – but there is an inherent weakness in the model. Many SSOs use a username/password pair as at least one authentication factor to protect the accounts of users (i.e., their other usernames/passwords). And experience has shown that where there are passwords, hackers are not far behind.
