Why Password-based Single Sign-On is a Bad Idea

Major technology brands – including Apple, Google and Facebook – are vying to dominate the so-called “single sign-on” race. Simply stated, password-based single sign-on allows individuals to use their existing login and password credentials from one of these major multinational technology brands to access third-party sites. This saves consumers the time and effort required to come up with new logins for every online service they may access.


Ideally, this is meant to prevent the creation and use of weak passwords that are so often quickly created and then forgotten for “one and done” or infrequently used services.


These major multinational technology brands (we’ll just refer to them as MMTBs moving forward) are leveraging consumer fears and fatigue about hacking to convince users to put their faith in their universal presence and overall reputation, despite the lingering privacy concerns that may apply.


Essentially, they want those who’ve adopted and rely on their technological ubiquity to trust them as their go-to source for collective account security. But collective account security takes on new meaning in today’s digital transformation environment. Employees are constantly interacting with third-party applications and services using static credentials, both on and off the clock, and a compromise on one side could well put personal and enterprise network/data security at risk on the other.


While some versions of single sign-on use biometric authentication, such as Face ID and Touch ID on Apple devices, they otherwise conform to traditional password-dependent single sign-on practices. This is why I think single sign-on with passwords is a bad idea.


The MMTBs aren’t security companies. While at first glance this may appear obvious, your average user/employee is probably not taking into consideration th ..