What is single sign on (SSO) and what is it used for?

SSO allows users to sign on once and gain entry to multiple applications and network sessions and reduces the problems of frequent password reset requests from users who have difficulty remembering several passwords.

Single sign-on is a way for a user to offer a security token (such as a username/password pair) once and use it to gain access to multiple systems, platforms, apps, or other resources.

It helps make things easier for users because they don't have to remember multiple logins and passwords, and it makes things easier for IT because they don't have to consolidate multiple services onto a single server. For instance, an organization might use SSO to allow users to log in to both proprietary web applications running on an internal server and a SaaS-hosted ERP system.

In order for SSO to work, a user must be able to authenticate once and receive authorization, based on his or her confirmed identity, to access multiple other computers. This can also work the other way: a single computer may provide services to users authorized on multiple other computers. The SAML standard defines how all these computers communicate with each other securely.

NEW! Download the Winter 2018 issue of Security Smart