Next up, we have single sign-on. Single sign-on is the ability for us to pass authentication from one server or one application to another application or another server without having to re-enter our authentication. For example, if we have an authentication into a web browser, we sign on to our account with the web browser and then we're able to access our email, we're able to access our YouTube account, we're able to access our social networking accounts. All we have to do is enter that single user name and password, and it allows us to have single sign-on capabilities because it passes those same authentications to all of those other websites.
So with single sign-on, these are typically within the same realm of applications. If we have a Microsoft application that allows us to talk with our co-workers and we also have an additional email application, and they both use the same account in order to connect to them and in order to send data, then our single sign-on is just going to let us enter our data once, and then it's going to pass that authentication to those other accounts without us having to re-enter them every single time.
It allows us to connect into a social networking page and be able to navigate through several pages on that server without having to enter the user name and password every time we move to a different page. So it makes using authentication a lot easier for end users, because as long as they're within the same session and as long as our session hasn't expired, then those credentials can be passed to multiple different applications, especially for people who use things such as smart cards. Those smart cards can pass authentications to multiple different portals that they log into when they're at work. All they have to do is enter their user PIN number when they get in to work to sign on to the computer, and then that's transferred to all the other applications that they may need to sign into, rather than having to manually sign into all of them.
Many of the applications that utilize single sign-on will require re-entering those credentials when you try to access sensitive information. Say you want to access the portion of the application that allows you to change the password, or, if there are Social Security numbers obscured, the portion of the application that allows you to see the Social Security numbers. Or if you're trying to enter the area of the application that allows you to change your privacy settings, then you may receive a notification that says, "For security reasons, go ahead and enter that password one more time." That makes sure that, if maybe you stepped up and went to the bathroom, someone didn't sneak in behind you, go in and change your password, sign you out, and then walk over to their computer and sign in, to buy themselves a couple of minutes while you were trying to get your password reset and straightened up.
So by making us re-enter those credentials when we're accessing the sensitive information, it provides an additional layer of security in case our session is hijacked, to prevent the damage that people could be able to do. If we step away from our computer and someone jumps into our session, then there's only so much that they can actually do to our account unless they know our user name and password. So they'll have that one account session, and then once it times out, or once we log out and enforce logouts of all of our other sessions, then they're done.
So lastly, it improves our ease of use, but we need to be careful how those credentials are stored and how those credentials are passed. We need to make sure that if we're developing applications which can utilize single sign-on, those applications don't pass credentials in clear text. We want to reduce the chance that, if those applications pass credentials, those credentials could be stolen and then replayed later. We need to make sure that we're being very careful when we're logged into single sign-on applications, or logged into pages that are utilizing single sign-on, so that if we step away from our computer, we lock our computer so that someone doesn't come in and just keep using our account.
Lastly, we need to be careful how our computers store single sign-on credentials, because if they are stored improperly, then all it takes is for one malware infection on our computer to go in, look in known places where credentials may be stored, and then just steal those credentials and send them back to the command and control center for the malware. So we need to be aware how our different applications store passwords, how they store different user names and passwords for single sign-on, and make sure that we balance ease of use with our security when we're considering single sign-on.
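
The re-entry of credentials before sensitive actions, described above, can be enforced with a freshness check on the session. This is an added example, not code from the lecture; the class and function names, the five-minute window and the eight-hour session lifetime are assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass

# Assumed policy: the actions the lecture names as sensitive.
SENSITIVE_ACTIONS = {"change_password", "view_ssn", "change_privacy_settings"}
STEP_UP_WINDOW = 300         # seconds a password check stays fresh (assumed)
SESSION_LIFETIME = 8 * 3600  # seconds before the whole session expires (assumed)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


@dataclass
class Session:
    user: str
    created_at: float
    last_password_check: float  # when the user last typed the password


class StepUpGate:
    def __init__(self):
        self._users = {}  # user -> (salt, salted password hash)

    def register(self, user, password):
        salt = os.urandom(16)
        self._users[user] = (salt, hash_password(password, salt))

    def _check(self, user, password):
        salt, stored = self._users[user]
        return hmac.compare_digest(stored, hash_password(password, salt))

    def login(self, user, password, now):
        if user in self._users and self._check(user, password):
            return Session(user, now, now)
        return None

    def reauthenticate(self, session, password, now):
        ok = self._check(session.user, password)
        if ok:
            session.last_password_check = now
        return ok

    def authorize(self, session, action, now):
        if now - session.created_at > SESSION_LIFETIME:
            return "login_required"
        if action in SENSITIVE_ACTIONS and now - session.last_password_check > STEP_UP_WINDOW:
            return "reauth_required"  # session alone is not enough here
        return "allowed"
```

Someone who sits down at an unlocked session can still read mail, but `authorize` returns `reauth_required` for the password change until the real password is supplied.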
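
One way to keep the password itself from being passed between applications and replayed later, as an added example that is not part of the lecture: the sign-on service hands each application a signed, short-lived, single-use assertion. The names, the 60-second lifetime and the shared HMAC key (standing in for whatever signature scheme a deployment uses) are assumptions.

```python
import base64
import hashlib
import hmac
import json
import os

TOKEN_LIFETIME = 60  # seconds an assertion is accepted (assumed)


def issue_assertion(key: bytes, user: str, audience: str, now: float) -> str:
    """Sign-on service: state who logged in, for which application, until when."""
    payload = json.dumps({"sub": user, "aud": audience,
                          "exp": now + TOKEN_LIFETIME,
                          "nonce": os.urandom(16).hex()}).encode()
    sig = hmac.new(key, payload, hashlib.sha256).digest()
    return (base64.urlsafe_b64encode(payload).decode() + "." +
            base64.urlsafe_b64encode(sig).decode())


class Application:
    """Relying application: checks assertions and never sees the password."""

    def __init__(self, key: bytes, name: str):
        self.key, self.name = key, name
        self.seen_nonces = {}  # nonce -> expiry time of the token that used it

    def accept(self, token: str, now: float):
        try:
            p64, s64 = token.split(".")
            payload = base64.urlsafe_b64decode(p64)
            sig = base64.urlsafe_b64decode(s64)
        except ValueError:
            return None, "malformed"
        expected = hmac.new(self.key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(sig, expected):
            return None, "bad_signature"
        claims = json.loads(payload)
        if claims["aud"] != self.name:
            return None, "wrong_audience"   # issued for a different application
        if now > claims["exp"]:
            return None, "expired"
        # Nonces of expired tokens can be forgotten; expiry already rejects them.
        self.seen_nonces = {n: e for n, e in self.seen_nonces.items() if e >= now}
        if claims["nonce"] in self.seen_nonces:
            return None, "replayed"         # a captured token was sent again
        self.seen_nonces[claims["nonce"]] = claims["exp"]
        return claims["sub"], "ok"
```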