How SSO works
For the user
When a user logs into an SSO system, the login information – typically a username and password – is initially verified and authenticated against the existing data on file, submitted when they first registered and logged in. In many cases, two-factor authentication (2FA) or multifactor authentication (MFA) is initiated, requiring the user to take an additional step, either verifying with a fingerprint scanner, answering a question, or responding to a push notificaiton on a mobile device.
In some cases , the user is matched against the device used to ensure the login context. Access is either granted or rejected.
When you log in to your work computer and network, such as a VPN or shared networks and SaaS platforms, you sign in to that network once. Then you are offered full access to all the services, platforms, sites, and apps that your level of authentication allows, without having to sign into anything else.
For the business
SSO attaches an identifier to the user when they log in. Once the verification and authentication measures are complete, that identifier serves as entry to all the sites, permission levels, and information a business has granted that user access to.
SSO does not know who the user is or store the credentials used to log in; it uses only the identifier for each instance to track the access levels you’ve authorized.
Why implement SSO
Simplicity. Security. Oversight.
SSO makes the log in process easier and simpler for your employees while providing your business with more security against hackers or inadvertent access to sensitive data and personal information.
By adding the users and then selecting the access levels, you have more control and visibility into who has access to what information and can modify it quickly when you add new employees, add or remove them from projects, or remove employees from access entirely. This enhanced access and network security is improved further by eliminating the need for different passwords, reducing the risk of reuse or weak and forgotten passwords.
While SSO often secures most business applications, it does not secure all applications. When combined with password management solutions, your company has better control over security and sharing protocols to protect the gaps left by SSO, ensuring every entry point to your business is protected.
LastPass offers an Advanced SSO Add-On that integrates directly with the LastPass password manager. With an extensive SSO app catalog that features pre-integrated mobile apps, LastPass can take your company's security and productivity to the next level.