Single sign-on moves to the cloud

Okta and OneLogin score high in test of eight SSO solutions that cut help desk calls and boost password security

We are awash in passwords, and as the number of Web services increases, things are only going to get worse. Trying to manage all these individual passwords is a major problem for enterprise security. Many end users cope by re-using their passwords, which exposes all sorts of security holes.

One solution is a single sign-on (SSO) tool to automate the logins of enterprise applications and also beef up password complexity, without taxing end users to try to remember dozens of different logins.

SSO isn't new: we have had various products for more than a decade. What is new is that several products now combine both cloud-based SaaS logins with local desktop Windows logins, and add improved two-factor authentication and smoother federated identity integration.

Also helping is a wider adoption of the open standard Security Assertion Markup Language (SAML), which allows for automated sign-ons via exchanging XML information between websites.

Cloud-based single sign-on: A business perk for customers?

The SSO market includes more than a dozen products from boutique shops to large software vendors. We tested eight products: SecureAuth, OneLogin, Okta, Symplified, Intel's McAfee Cloud Identity Manager, Numina Application Framework, SmartSignin and Radiant Logic. Several other SSO vendors were contacted but decided not to participate, including IBM, CA, Oracle and Ping Identity. (Watch a slideshow version of this story.)

To continue reading this article register now

The 10 most powerful companies in enterprise networking 2022