17

We were discussing to implement single on in our web application,right now after analyzing we came to know that the following were the advantages of single sign on authentication. In the words of Shwetha on the Cymfony System Testing blog:

Advantages

  • Users select stronger passwords, since the need for multiple passwords and change synchronization is avoided.
  • Inactivity timeout and attempt thresholds are applied uniformly closer to user points of entry.
  • It improves the effectiveness/timeliness of disabling all network/computer accounts for terminated users.
  • It improves an administrator's ability to manage users and user configurations to all associated systems.
  • It reduces administrative overhead in resetting forgotten passwords over multiple platforms and applications.
  • It provides users with the convenience of having to remember only a single set of credentials.
  • This also improves security as users find it easier to remember their credentials and do not have to write them down, allowing for a more efficient user logon process.
  • It reduces the time taken by users to log into multiple applications and platforms.

What disadvantages exist when implementing single sign on technology?

Gilles 'SO- stop being evil'
  • 50,912
  • 13
  • 120
  • 179
BlueBerry - Vignesh4303
  • 5,107
  • 13
  • 34
  • 63
  • 1
    I'm pretty sure, the avarage user would not use a better password for a single sign-on solution. Most don't care and wouldn't even know the difference; to them it is just another password box they need to fill in. – Jacco Dec 10 '12 at 11:58
  • @gilles its not plagirised content :( its my own question,i agree someof my questions contains plagirised content but this was my own :( – BlueBerry - Vignesh4303 Oct 09 '15 at 04:11
  • @BlueBerry-Vignesh4303 Are you Shwetha (the person who posted the same content over a year earlier)? Your usual style sure is different. Once again: **[if you use somebody else's words, you MUST cite the original author (give at least the name of the author and the title of the work, and a link if the material is on the web) AND clearly indicate what parts you cited (use quotation markup)](http://security.stackexchange.com/help/referencing)**. – Gilles 'SO- stop being evil' Oct 09 '15 at 09:43

4 Answers4

13

  • Single point of failure

  • Single high-value target (attracts more attackers)

  • Necessary information disclosure between trusting site and SSO authority

  • Side channel attack against authentication step (theoretically; implementation dependent)

  • Lack of control over your user list

  • Yet another interface to maintain (added complexity)

  • You may never know how secure your system is or if there is a breach

  • Added cost

These are all off the top of my head. I imagine someone has compiled a canonical list somewhere.

tylerl
  • 82,225
  • 25
  • 148
  • 226
  • 1
    Essentially the problem boils down to the fact that you're handing your security mechanisms to an opaque 3rd party. This is, simultaneously, single sign-on's biggest advantage and disadvantage. You sacrifice certainty about security for a range of other security benefits, and a few other benefits (ease of use, implementation overhead reduction, etc.) – Polynomial Sep 24 '12 at 06:00
  • 1
    Could you supply some references for these? This reads like a list of assertions, some of which are highly debatable. SSO absolutely does not lead to single point of failure or a lack of control, and most studies indicate that it costs less rather than more. – MCW Dec 10 '12 at 11:48
  • 1
    @MarkC.Wallace You ask for a list of references but you then assert an absolute that is innaccurate. It absolutely can be a single point of failure if the IdP fails. Key word being "can". It *can* lead to a lack of control if you defer authentication to another party. – Steve Dec 10 '12 at 18:28
  • Let me try to restate my point in a less argumentative fashion and then yield the question. Our SSO is implemented in a fashion that does not create SPF, and does not lead to a lack of control. I believe that some of the disadvantages listed above are failures of implementation, rather than of SSO. One can implement anything badly. If I were in the OP's shoes and trying to brief my management, I'd be careful to brief only those disadvantages which remain in a competent implementation. My apology if I seemed fractious, I did not mean to insult. – MCW Dec 10 '12 at 18:36
  • + joiners / movers / leavers is not always handled properly by SSO, e.g. you end up with provisioning processes for some systems and not others. – Callum Wilson Dec 10 '12 at 22:10
  • As a rule, all the advantages and disadvantages are always implementation dependent; it's possible to have an implementation with *none* of the stated advantages, or perhaps all of them. Outsourcing authentication brings along all of the potential issues of outsourcing any critical infrastructure component with the promise that they'll hopefully implement everything better than you will. But clearly you can't build a cost/benefit analysis without looking at specific implementations. A list of pros and cons should only be a starting point for more detailed research of a given implementation. – tylerl Dec 11 '12 at 01:47
5

This started off as a comment to Tyler's answer but running out of space.

Yes, if you implement it badly, then there will be bugs which can be exploited - but there are only 2 pinch points where SSO is different from seperated systems in this regard - when transitioning from the SSO site into the application site, and when terminating an SSO session (and hence sessions on the trusting applications).

Single point of failure

Only if it's badly implemented.

Necessary information disclosure between trusting site and SSO authority

How are you exposing more information to the trusting site? Indeed, there is much less opportunity for exploiting the application when it does not handle the authentication itself.

Lack of control over your user list

How? If you control both your applications and the SSO then why do you have less control?

Yet another interface to maintain

Defining interfaces and appropriate isolation between system components is good practice. SSO merely forces you to apply this practice. I think that's a benefit. Indeed maintaining a single implementation of the code for authentication rather than multiple ones should reduce complexity and cost.

You may never know how secure your system is or if there is a breach

How is this different from standalone systems?

Added cost

As per point regarding interface - it shouldn't add code complexity, nor does it require additional hardware. The only added cost I can think of is the need for an additional SSL cert - which is hardly that much.

If you are handing your security mechanisms to an opaque 3rd party then most of the points are valid - but not if you are implementing the system yourself.

There is a slight performance overhead with redirects for users only accessing a single application - but not huge.

symcbean
  • 18,278
  • 39
  • 73
2

You don't say if the scope for SSO is intranet or internet. If it includes internet then I've got a lot of love for SAML 2.0 compliant sites, however there are some disadvantages of SAML2.0 and SaaS sites:

  1. A lot of SaaS vendors (service providers) do not support all the SAML 2.0 assertions, e.g. joiners/movers/leavers assertions so you don't get all the benefits of SAML2
  2. Agreeing the SAML2 assertions with a SaaS vendor can be quite hard work to begin with.
  3. if the SaaS site requires federated SSO for, say staff users, and then continued access when the staff leave then you get into some horrible dual mode authentication that weakens the overall solution. i had this with a payslip system where staff are meant to continue to have access once they have left the company. i.e. where the IdP (identity provider) is the internal staff directory.
  4. SAML2 compliant products (for your side of the firewall) are expensive and dominated by one company (so difficult to negotiate price)

other than that - if you can get all SaaS sites working for your org with SAML, linked to your own identity store then you will have knocked out a huge risk, especially since users choose the same password for all corporate logins.

The worst thing you can do (mentioned above) is cook your own SSO scheme.

Callum Wilson
  • 2,533
  • 10
  • 15
0

SSO’s challenges Extra-strong passwords must be enforced. If an SSO account is cracked, others under the same authentication can also be endangered. When SSO is down, access to all connected sites is stopped. This is a big reason to exercise great care in choosing an SSO system. It must be exceptionally reliable and plans should be in place for dealing with breakdowns. What’s more, when your identity provider goes down, your SSO does too. The provider’s vulnerability to any kind of interruption becomes your vulnerability as well, and it is probably beyond your control. Once again, the choice of vendors is critical.

If a hacker breaches your identity provider user account, all your linked systems could be open to attack. This can be a classic single point of failure and should be headed off in the planning process. On the plus side, high-quality identity providers have top-notch security.

SSO can take longer than expected to set up. Each environment is different, so added steps in implementation can crop up. One example is the task linking the identity provider to the service provider.

SSO is risky for multi-user computers. What happens when one user is logged in and another needs to use the machine?

Reduced sign-on (RSO) may be needed to accommodate different levels of access. With RSO, additional authentication servers may be required.

SSO using social networking services can create conflict. This can be the case with workplaces that block social media sites and government connections where censorship is involved.

Some SSO-linked sites may give their user data to third-party entities. This is an area requiring careful attention.

[The Pros and Cons to Single Sign-On (SSO)] [1] (RenovoData, 2019)

I also found this link helpful, especially this section:

One misconception about using an SSO solution is that it weakens security. The argument rests on the premise that if a master password is stolen, all related accounts will be compromised.

In theory, this appears to be true, but with common-sense practices, SSO can actually reduce password theft. How?

Since users only need to remember one password for multiple applications, they’re more likely to create a stronger (harder to guess) passphrase, and less likely to write it down. These best practices reduce the risk of password theft.

As explained in the next section, a single sign-on strategy can also be combined with multi-factor authentication (MFA) for extra security.

[7 Benefits of Single Sign-On (SSO) and Why Your Business Needs It][2] (Gupta, 2020)

A simpler explanation can found here: [The Advantages and Disadvantages of Single-Sign-On (SSO) Technology (mini-whitepaper)][3]

[1]:RenovoData. (2019, January 17). The Pros and Cons to Single Sign-On (SSO): RenovoData - The Data Protection Blog. https://www.renovodata.com/blog/2019/01/17/single-sign-on

[2]: Gupta, D. (2020, May 13). 7 Benefits of Single Sign-On (SSO) and Why Your Business Needs It. Identity Blog. https://www.loginradius.com/blog/2019/11/benefits-single-sign-on-sso/

[3]: Gupta, D. (2020, May 13). 7 Benefits of Single Sign-On (SSO) and Why Your Business Needs It. Identity Blog. https://www.loginradius.com/blog/2019/11/benefits-single-sign-on-sso/

schroeder
  • 123,438
  • 55
  • 284
  • 319
MadderMudder
  • 1
  • 2
  • 1
    Your first quote simply reiterates the point "single point of failure". Your second quote isn't actually a disadvantage but an advantage. You then link to a list of disadvantages but don't actually list them. – schroeder Sep 13 '20 at 16:03