Single Sign-On (SSO) allows users to authenticate once and access multiple applications without re-entering credentials. A user logs into the corporate identity provider in the morning and can then access email, file shares, HR systems, and cloud applications seamlessly throughout the day.
SSO improves user experience by reducing password fatigue and strengthens security by centralizing authentication controls. However, it creates a single point of failure: if the SSO system is compromised, attackers can potentially access all connected applications. Strong MFA on the SSO portal is essential.
CISSP Relevance
Domain 5 (Identity and Access Management) covers SSO architectures, protocols, and security considerations. Know how SAML, OAuth, and OpenID Connect enable SSO across web applications. Understand the security tradeoffs between convenience and the risks of centralized authentication.
For enterprise SSO implementation, see NIST SP 800-63C Federation and Assertions.
Related terms: Authentication, Multi-Factor Authentication