It has got to the point of being ridiculous, hasn’t it? There is a login and a password for everything starting with the many different websites you probably subscribe to. Then, there are the more serious logins and passwords for your business applications. The list goes on, with the more complex passwords required for your banking, and I think I forgot to mention the numerous PIN numbers and your home alarm system. The number of logins and passwords we are expected to remember is simply impossible, given that we do not log in and out of all applications continuously. Single sign-on (SSO) is the typical business solution used on an enterprise level. There is also a SSO solution for home users which is more simple and cost effective for that matter. This article provides an overview of how modern software is tackling the problem, both in business and at home.
SSO is a session/user authentication process that permits a user to enter one name and password in order to access multiple applications. The process authenticates the user for all the applications they have been given rights to. It also eliminates further prompts when users switch applications during a particular session. The objective of SSO is to allow users with access to all applications from a single login. It provides a unified mechanism to manage the authentication of users and implement business rules, determining user access to applications and data.
It is the significant growth in SaaS based applications that is making SSO more relevant and useful. Small, nimble applications that specialise and integrate to third party applications are replacing the traditional large integrated software. SSO assists ease of use and security of IT in any organisation that expects its employees to use multiple applications, often from multiple locations. We have heard of IT helpdesks that spend more time fixing passwords than carrying out any other single task. It’s not surprising. If you multiply 100 users by 10 applications, it equates to 1000 logins and passwords. The way to reduce this problem is to implement SSO, giving users access to all the applications they need, while only having to authenticate themselves once.
Whenever a user attempts to access a SSO configured application, the login server first attempts to authenticate the user. The login server checks for a SSO login cookie on the user’s browser. If one is present, the server identifies the user from the encrypted login details in the login cookie. When the login cookie is not present, the system prompts the user for a login and password. The user provides their login and password details. The authentication system then passes the credentials via a login authentication routine. If the authentication credentials are correct, the login server passes a login cookie to the user’s browser that maintains the cookie until logout. The credentials can be used for other SSO applications.
SSO is mostly sold on a per user basis. There are several companies that license SSO. Some to try are OneLogin, Atlassian, or Okta for more information. The implementation is reasonably complex because there are policies, training and testing required before making a transition. Certainly, a successful implementation will require the time and attention of an experienced IT engineer.
Now, to make a little more light work of your personal logins and passwords, there are some good free applications on the market. One of my personal favourites which I use on my iPhone is Minikeepass. It is simple and effective and allows you to securely hold web addresses, logins and passwords. You can also transfer the password file via Dropbox to other devices such as your iPad, if you have one. There are also plenty of password managers available for Android. One good application is KeePassDroid.
Managing passwords and logins for both the corporate and your personal devices doesn’t need to be as daunting as it appears. Check out some of the software suggested and make password management a breeze.♦ End