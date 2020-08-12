Single Sign On (SSO) is a type of single login that aims to reduce the need to create new passwords on online services. It is estimated that 78% of people write down passwords in unsafe locations and 34% repeat the code on various websites and applications, according to data from Okta, an identity management company. As a result, four out of five hacker attacks take advantage of weak, stolen or reused passwords.

To solve the problem, SSO is a kind of bridge between the user and a store, an app and other platforms via the Internet. Instead of memorizing and entering a password for each of these places, the user can use this intermediary, who in turn unifies the process and automatically logs in after a first authentication. Here’s how technology works and how it can help eliminate passwords.

How Single Sign On works

Single Sign On is an authentication service that connects the user to other services. Instead of creating independent passwords, the feature requires a strong password and other identification methods to ensure that it is not hijacked. After the first login, SSO takes care of informing other sites and apps that the user is really who he says he is.

The unified logins offered by Google, Facebook and LinkedIn are examples of Single Sign On services. Through them, the user can create accounts and log in to various websites and apps with a single click. Behind the scenes, social networks report basic data to the visited platform to fill in the registration form automatically.

Difference from common passwords

The main difference is the ease of access. On a website that supports Single Sign On, the user has the option to create an account with one click. To do this, simply select an SSO service already used. If the website or app is one day the target of a hacker attack, attackers will not have access to the credentials of those who have chosen SSO.

Likewise, you only need to memorize a password. Even though it is a difficult combination, writing a single code tends to be easier than knowing multiple passwords in your head. As a consequence, repeated passwords are no longer threatening and the consumer tends to have more reason to complete a purchase. It is estimated that one third of abandoned shopping carts in e-commerce are due to forgetting passwords.

Is SSO safe?

SSO services, in general, require setting strong passwords. In addition, some use alternative methods of identity verification, such as inserting a security card, or reading fingerprints, face and other forms of biometric identification to complete the login. In this way, the process is usually more secure.

Business alternatives bring the highest level of security. For this reason, corporate notebooks can bring smart card input, in addition to a fingerprint reader and an infrared camera for facial reading. In addition, more advanced services use contextual information to improve identification, such as the cell phone’s IMEI, device’s IP or GPS location.

Among the consumer solutions, the highlight goes to Sign In With Apple. Although it is still compatible with few websites and apps, Apple’s login promises to better select information shared on the Internet and even create hidden emails to avoid being the target of leaks.

Logging in using social networks, on the other hand, is seen as less secure. If the profile is hacked, the hacker can gain access to any connected website and app. However, it is possible to increase security by adding two-step verification on social networks.



