Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g. name and password) to access multiple applications. From an IS/IT department’s point of view there are many reasons that make Single Sign-On an obvious choice to implement.
By limiting the number of passwords that users must remember they are likely to take more effort in choosing a secure password and less likely to have it stored insecurely (i.e. written on a sticky note) to help them remember.
Users’ credentials are also stored in fewer places and are therefore less exposed to the risk of being compromised.
Lower administration and support overheads are realised through less management of on-boarding new users, deactivating old users, and resetting forgotten passwords.
Improved password strength
Password controls can be enforced and administered to ensure users are setting appropriate passwords, and these policies and controls are centrally controlled, ensuring that these policies can be easily updated and managed.
Simple end user experience
Allowing a user to login and access all systems via a single domain password makes the system easier and more efficient to use and counteracts the need to remember and store (likely insecurely) a range of passwords.
From a SaaS provider’s point of view, integrating with every customer’s active directory is not a sustainable or scalable scenario.