Single sign-on gives end-users just one strong password to remember to access multiple applications and services.
Human memory is fickle. We forget the name of someone we just met, where we parked our car at the mall, even our anniversary. Remembering passwords just adds to the burden.
Unfortunately, most of us are faced with a mind-boggling number of passwords to recall. One recent study found that the average business user has nearly 200 unique passwords, forcing them to resort to some sort of memory-jogging technique to avoid being locked out of needed applications. Many write passwords down on sticky notes or store them in a spreadsheet or on their mobile devices.
Even worse, many users engage in risky password practices. Rather than supply a unique, robust password for every application and network function, they tend to use the same password for most or all programs, or simplify passwords to the point that they’re easy for hackers to guess.
Single sign-on (SSO) technology can help reduce password overload. As the name implies, SSO gives each employee a single username and password to remember. Instead of logging into various network resources individually, the end-user logs into the SSO system once and gains access to all the files and applications he is authorized to use.
The Password Reduction Plan
An SSO system serves as a proxy for each end-user, managing the authorization process for each application he needs to access. It does the job of remembering the various usernames and passwords associated with each application on the end-user’s behalf.
More than just a relief for forgetful end-users, SSO greatly enhances network security. Passwords are generally the first line of defense for applications and data. Just as most burglars come in through the front door, many hackers will first try to guess a password to gain entry into the network. According to the 2019 Verizon Data Breach Investigations Report, 80 percent of hacking-related data breaches involved compromised, weak or reused passwords.
Cybercriminals often use malware and social engineering to obtain user credentials in targeted attacks. They also take usernames and passwords obtained from a previous data breach and attempt to use those credentials to log into an organization’s systems or applications. These so-called “credential stuffing” attacks are much more difficult to detect than typical brute-force attacks. Because credential stuffing spreads its login attempts over a high number of accounts across multiple systems, mechanisms that “lock” a user’s account after a certain number of login attempts don’t stop it.
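The gap described above, shown as an added example that is not part of the original article: a per-account failure counter never reaches the lockout threshold, while counting distinct accounts per source flags the same traffic. The log format, thresholds, addresses and usernames are constructed assumptions, and time windows and counter resets are left out for brevity.

```python
from collections import defaultdict

LOCKOUT_THRESHOLD = 5   # assumed policy: lock an account after 5 failures
SOURCE_THRESHOLD = 4    # assumed alert: one source failing on 4+ accounts

# Constructed sample log, format: timestamp source_ip username result
SAMPLE_LOG = """\
2024-01-01T09:00:01 203.0.113.7 alice FAIL
2024-01-01T09:00:02 203.0.113.7 bob FAIL
2024-01-01T09:00:03 203.0.113.7 carol FAIL
2024-01-01T09:00:04 203.0.113.7 dave OK
2024-01-01T09:00:05 203.0.113.7 erin FAIL
2024-01-01T09:00:06 203.0.113.7 frank FAIL
2024-01-01T09:05:10 198.51.100.20 grace FAIL
2024-01-01T09:05:20 198.51.100.20 grace FAIL
2024-01-01T09:05:31 198.51.100.20 grace OK
"""

def parse(log):
    """Yield (source_ip, username, failed) for each well-formed line."""
    for line in log.splitlines():
        fields = line.split()
        if len(fields) == 4 and fields[3] in ("OK", "FAIL"):
            yield fields[1], fields[2], fields[3] == "FAIL"

def locked_accounts(log, threshold=LOCKOUT_THRESHOLD):
    """Accounts a per-account lockout would trip (failures per username)."""
    fails = defaultdict(int)
    for _, user, failed in parse(log):
        fails[user] += failed
    return sorted(u for u, n in fails.items() if n >= threshold)

def stuffing_sources(log, threshold=SOURCE_THRESHOLD):
    """Sources whose failed logins span many distinct accounts."""
    targets = defaultdict(set)
    for ip, user, failed in parse(log):
        if failed:
            targets[ip].add(user)
    return {ip: len(u) for ip, u in targets.items() if len(u) >= threshold}

def accounts_to_reset(log):
    """Accounts that logged in successfully from a flagged source."""
    flagged = stuffing_sources(log)
    return sorted({u for ip, u, failed in parse(log) if ip in flagged and not failed})

if __name__ == "__main__":
    print(locked_accounts(SAMPLE_LOG), stuffing_sources(SAMPLE_LOG), accounts_to_reset(SAMPLE_LOG))
```

A successful login from a flagged source, as with the constructed `dave` entry, is the case to prioritize for a forced password reset.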
SSO can result in an immediate improvement in security for sensitive applications and data. It also benefits organizations facing increasing regulatory scrutiny regarding their security practices by helping to ensure that password policies are followed. With a single password to remember, end-users are more likely to choose one that’s difficult to crack, and change it frequently.
Help for the Help Desk
Although many organizations have password policies in place, enforcing them can increase already heavy IT workloads. When an employee forgets Password No. 4, his recourse is to call the help desk. Gartner estimates that up to 50 percent of help desk calls are for password resets.
Forrester Research estimates that the average labor cost for a single password reset is about $70. Additionally, the sheer volume of password-related help desk calls adds up to significant productivity losses for both end-users and IT staff. SSO can eliminate 95 percent of password-related help desk calls.
An SSO initiative also forces organizations to review and enhance their identity and access management policies and procedures. IT will need to inventory all applications and their related user credentials, which affords an opportunity to determine whether users have the appropriate levels of access to do their jobs. This review should encompass all users who access the company’s systems, including business partners and customers.
Simple human forgetfulness can be costly to business. Easy-to-remember passwords threaten network security. Forgotten passwords sap productivity and increase IT costs. SSO helps solve both problems by providing employees with one strong password to access all their applications and data. If only it could help you remember your anniversary.