An Intro to Single Sign On Security An Intro to Single Sign On Security

An Intro to Single Sign On Security

Erin Werra Erin Werra Edtech Thought Leader
Read time:

Just about everyone enjoys the convenience of single sign on. But SSO is not only convenient. It’s also a powerful way to keep your network safe.   


What is single sign on (SSO)?

Single sign on is a service districts use to allow users a secure, quick way to access multiple edtech applications (including their SIS, LMS, and practice programs, to name a few) all using the same credentials.


How does it work?

SSO allows a single centralized authentication source for multiple applications. It checks users’ credentials before allowing them access to different applications simultaneously. This removes a ton of headaches from managing and entering multiple high-quality passwords or passphrases.

SSO works behind the scenes to provide authentication. Security Assertion Markup Language, or SAML, is a standard to search for when choosing interoperable edtech. SAML is used for SSO by many vendors, including Google, Microsoft Office 365, Skyward, and ClassLink, among others.


What is SAML and why is it important?

SAML provides web-based SSO and allows users to log in to several applications using one sign on. There’s no need to create and maintain multiple passphrases on different applications. SAML does not reveal the password used to the different applications—in fact, it doesn’t have much to do with the applications. Instead, the user provides credentials to the SSO/SAML identity provider and uses that approval to gain access to applications. 

It works the same whether users start at an individual application and are then routed back to the SSO, or vice versa with users beginning at the SSO provider to gain access to all related applications.


How does SSO enhance security?

Secure authentication is the only focus of SSO providers, not a component of the service.
Rigorous password requirements form the cornerstone of security to a whole roster of interoperable applications. Because there is just one password to create and manage, users are more likely to use best practices in creating a strong password (or better yet, a passphrase). Users are not tempted to recycle easy-to-guess passwords. And of course, the moments spent accessing and recalling username and password information is dramatically reduced, which conserves valuable teaching and learning time. 

In addition to strong passphrases, SSO authentication often incorporates multifactor authentication (MFA). MFA is an added layer of security because it requires users to enter multiple forms of identifying information. They may need to know their passphrase in addition to setting up a biometric profile. Other components may include authenticator applications on a trusted device, temporary passcodes, or secure links sent via email. 


Which weak points should be protected?

SSO is designed to allow access to multiple applications. While it’s true the SSO identity provider doesn’t share credentials with the applications, cracking a single password could be an easy way for shady characters to gain access to many services they shouldn’t. 

Users typing in passwords are one of the weak points hackers exploit to gain access to a system. Strong passphrase requirements, frequent training, and different types of phishing drills help condition staff to remain constantly vigilant to any attacks.


Follow-up resources:

Keep passwords safe from pint-sized hackers

Join the debate: Is EdTech Ready for MFA?

Take a look at the edtech interoperability landscape: EdTech Playbook: Interoperability 


Erin Werra Erin Werra Edtech Thought Leader
Share this story:

Large Districts Large Districts

Recent Articles

Metacognition is the Superpower Students Need for the Future
If students are going to thrive in a future woven with AI, they need to start thinking about thinking ASAP. Erin Werra
3 Ways to Play the Long Game for Staff Retention
Use these tactics early in the school year to build educator stamina and keep morale high all year long. Casey Hernandez
How Are You Attracting and Retaining Teachers of Color?
Automating your applicant tracking eases the effects of covert biases and provides an attractive applicant experience. Erin Werra

Share Facebook
LinkedIn Email
Humanity 🤝 Technology
Edtech insight delivered directly to you.