Single Sign-On (SSO)

What is Single Sign-On (SSO)?

Single Sign-On (SSO) is a technology that consolidates multiple login screens for different applications into one unified interface. With SSO, you need to enter their credentials (like username and password) only once on a single page, and they can access all their associated SaaS applications without re-authenticating.

SSO is particularly useful in business environments, where applications are managed by an internal IT team. It also benefits remote workers who rely on various SaaS tools.

For those with existing accounts and are using a browser password manager, please ensure it is updated to recognise 'https://auth.speckel.io/' . Any issues, please contact support@speckel.io.

Advantages of SSO

SSO offers several benefits beyond convenience:

• Stronger Passwords: You only need to remember one password, making it easier to create and use a strong, unique password.

• No Password Reuse: SSO reduces the risk of password fatigue, where users reuse passwords across multiple services, a significant security risk.

• Enhanced Password Policy Enforcement: IT teams can enforce strong password policies more effectively through a centralized login point, simplifying processes like password resets.

• Multi-Factor Authentication (MFA): SSO enables the use of MFA across all connected apps, significantly enhancing security by requiring additional authentication factors beyond just a password.

• Centralised Control: Administrators can manage session timeouts and enforce re-authentication centrally, improving security.

• Internal Credential Management: SSO allows for internal management of credentials, reducing reliance on external applications that may not follow best security practices.

• Increased Productivity: SSO reduces the time spent on password recovery and multiple logins, freeing up IT resources and improving overall productivity.

How Does an SSO Login Work?

When you log in via an SSO service, an authentication token is generated to verify their identity. This token is stored either in the user's browser or on the SSO service’s servers, acting like a temporary ID. When accessing different apps, these apps check with the SSO service, which then provides the authentication token, granting the user access. If the user has not yet signed in, they will be prompted to do so through the SSO interface.

SSO services do not directly store user identities but instead verify credentials against an identity management system. Think of SSO as a librarian who checks the card catalog (the identity management system) to confirm a book's location without memorizing the entire catalog themselves.