How many applications is your company using at the moment? Three, four, ten? Chances are it is more than one, and with the vast number of applications available for businesses, there is a likelihood that the number of applications will grow as time goes on. With all of these applications comes login prompts for each application. This can result in many things, including password fatigue, forgotten passwords, and a bottle neck for productivity.
Dealing with a high number of applications
The popularity of applications is connected to many factors; they are often more affordable, they typically store data in the cloud, and they lend themselves to being accessible in different locations outside of the end user’s work station. This makes applications very appealing and has greatly contributed to their popularity within schools and businesses alike. However, unlike most static programs that live within a computer’s hard drive, these apps require the user to log in each time he/she needs access. This can be a royal pain if you are logging into more than one app a day, which is very likely.
This can take away from the appeal of these applications for the end-user; however, there are ways to easily get over this hurdle.
Reducing multiple login prompts
Reducing multiple login prompts can be achieved by incorporating Single Sign-on (SSO) into your environment. SSO will reduce the login requirements from multiple to one central login; that sounds pretty great doesn’t it? Life just got easier for your end-users and easier for you as an IT professional because now all you have to manage is the one account beyond the initial setup and not the accounts of each individual application.
Beyond the convenience factor of only having to login once, there is also the huge benefit of only having to remember one set of login credentials. This will help in reducing the number of password related helpdesk calls due to forgotten passwords and account unlocks. It is very common for someone to have to access 5 to 20 applications per day; that is 5 to 20 different user names and passwords that have to be remembered on any given day. Unless the end user is using a password vault or has a notebook with account information on hand, the odds are good they may forget their credentials.
Account lockouts can be easily corrected by the end-user with a self-service password reset solution in place, more on that to come.
How Single Sign-on Works
I always find that when trying to understand how something works, it is best to have a clear definition of the process.
Wikipedia defines Single sign-on as the following:
Single sign–on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them.
Now that we have a clear definition on what the process is, let’s discuss how it works. SSO is a simple technical process that allows the end-user to login to a single portal and access multiple applications seamlessly, reducing multiple login screens and increasing security by having a central entry point.
There are a few common ways to achieve SSO to web applications via a SAML Identity Provider, Form-based, and via CAS. Depending on how the application is configured would determine the type of protocol that would be used to set SSO in place.
The Security of SSO
You may think that having a single log in portal would lessen the amount of security; however, that is simply not true. The argument I make when presented with this misconception is by only having one password to remember lends itself to an easier way to enforce stronger passwords. Common passwords are the ones that often get cracked; “password” or “123456” are very weak passwords and were identified by CBS News as the two most popular passwords of 2013.
Many times, The reason weak passwords are used is laziness or simply password fatigue. By only having to remember one password, your end user can have a very strong password that is unique and difficult to crack.
Making Life Easier
Ultimately, SSO is all about user convenience and making life easier for your end-users by reducing multiple login prompts. But with SSO, you can also achieve a higher level of security, meaning SSO is really about making life easier and more secure. Imagine if there was a way to make other everyday tasks easier by only taking one action.
Now that would make for a pretty awesome life!