Virtual Graffiti Australia Pty Ltd - Your Source for Technology, Security & Networking Solutions

  Virtual Graffiti

Multi-Factor Authentication (MFA) vs. Single Sign-On (SSO)

Follow us for more blog posts!

By the BlueAlly Marketing Team

With SSO, you use the same credentials to sign into multiple applications. With MFA, you use multiple proofs of identity to sign in. You can use both.

Single Sign-On (SSO) and Multi-Factor Authentication (MFA) are two trends in user identification and system sign-in methods. You might be wondering what they are, whether you should use them, and whether they’re compatible or mutually exclusive.

In brief, SSO means that you use the same credentials to sign into multiple applications. MFA means that you use multiple proofs of identity when you sign in. Used properly, both can enhance information security. They are compatible, and there’s no reason you can’t use both together.

Single Sign-On (SSO)

With SSO, you have a single identity (usually a user ID and password) which allows you access to multiple applications. You might have to sign into each individually, or signing into one may sign you into the others automatically. An example is the Google ecosystem: when you sign into Chrome, you’re also signed into Google Docs, Calendar, Maps, and whatever other Google services you’ve joined.

Advantages of Single Sign-On:

    • Convenience: It’s faster and easier to log in to all the applications you need.
    • Productivity: Workers can sign in and share information more easily. Less time wasted on retrieving forgotten passwords.
    • Centralization: The smaller number of total identities on a network makes it easier for IT to monitor them all and cuts down on the total number of identities that hackers might guess.

Typically, a system will require two or even all three types of identification to sign in. This greatly enhances security, but it also makes it more difficult and time-consuming to sign in.

Disadvantages of Single Sign-On:

    • Security Risks: Widespread access means that if a hacker gets access to an SSO account, more systems are compromised simultaneously.
    • All or Nothing: If a user somehow loses access to their SSO ID, they won’t have access to any system until the problem is fixed.

Multi-Factor Authentication (MFA)

Multi-Factor Authentication (MFA) is a system that requires multiple forms of identity check in order to sign in. A user might be required to provide:

    • Personal Knowledge: This can be a password, a PIN or a personal question about something like the user’s mother’s maiden name.
    • ID Tokens: This can be a badge or token. It can also be an authentication app on a smartphone, or a code texted or emailed to the user.
    • Biometric Identification: Fingerprints are the most common form of biometric information, but this can also include facial recognition, voice recognition, and retinal scans.

Typically, a system will require two or even all three types of identification to sign in. This greatly enhances security, but it also makes it more difficult and time-consuming to sign in.

Why Not Both?

A system that integrates SSO and MFA effectively can have the best of both worlds. MFA can make sign-in secure, while SSO makes it convenient. We partner with brands like HP Inc. to help make sure you're getting the best services possible. Contact your BlueAlly Account Manager or email us at [email protected] to discover ways that we can help!

 



Sources:

https://blueally.com/product-solution#security
https://fortifiedhealthsecurity.com/blog/single-sign-on-vs-mfa-do-you-know-the-difference/
https://blog.hidglobal.com/2019/06/multi-factor-authentication-and-single-sign-explained
https://condatis.com/news/blog/what-is-mfa-and-sso/