Ask the Experts

Ask the Experts

Single-sign on (SSO) and federated identity

• How does a SAML vulnerability affect single sign-on systems?

  Researchers at Duo Security discovered a SAML vulnerability that enabled attackers to dupe single sign-on systems. Expert Michael Cobb explains how the exploit works.  Continue Reading

• Single sign-on best practices: How can enterprises get SSO right?

  Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good start. Here's how to do it.  Continue Reading

• OneLogin data breach: What does the attack mean for SSOs?

  A OneLogin data breach affected all of the company's U.S. customers after threat actors abused an Amazon Web Services API. Discover what this means for customers and SSO companies.  Continue Reading

• Insecure OAuth implementations: How are mobile app users at risk?

  Mobile apps using insecure OAuth could lead to over one billion user accounts being attacked. Expert Michael Cobb explains how developers can implement OAuth securely.  Continue Reading

• How has enterprise SSO technology evolved?

  Enterprise SSO products have matured over the years, so what's the state of eSSO today? Expert Randall Gamby discusses.  Continue Reading

• When single sign-on fails, is a second SSO implementation worthwhile?

  After a failed SSO implementation, is there any benefit to an enterprise trying again? Expert Michele Chubirka discusses.  Continue Reading

• How to mitigate Atlassian Crowd's SSO vulnerability

  Network security expert Brad Casey advises how to mitigate the vulnerability in SSO product Atlassian Crowd until an upgrade can be performed.  Continue Reading

• Types of SSO: Comparing two vendors' approaches to single sign-on

  Expert Randall Gamby discusses various types of single sign-on, specifically the approaches of Ping Identity's SSO and Symplified SSO.  Continue Reading

• SaaS access management: Finding the best single sign-on technology

  Expert Randall Gamby details key strategies for SaaS access management and contemporary single sign-on technology that's truly interoperable.  Continue Reading

• Detecting and blocking suspicious logins, unusual login activity in the enterprise

  Randall Gamby dissects the delicate but crucial science of detecting and blocking suspicious logins and unusual login activity in the enterprise.  Continue Reading

• Identity management SSO security: Hardening single sign-on systems

  Get information on how to harden single sign-on systems for greater security in this response from IAM expert Randall Gamby.  Continue Reading

• Password security vaults: Is SSO authentication better?

  Password security vaults may be able to aid users in remembering many different passwords, but are they the most secure solutions? IAM expert Randall Gamby gives his recommendations on setting password technology policy.  Continue Reading

• How to install a new router to prevent single sign-on problems

  Are you receiving router pop-up messages telling you that it is "Unable to do single sign-on or federation"? In this expert response, learn what you need to do to get your router back on track.  Continue Reading

• How to use single sign-on (SSO) for a server configuration

  Using SSO for a server configuration can be done a few different ways. Learn more in this expert response from Randall Gamby.  Continue Reading

• How to log in to multiple servers with federated single sign-on (SSO)

  Single sign-on is a rapidly evolving technology that, when partnered with federation tools, can offer a greater and greater level of granularity for access control. Learn how from expert Randall Gamby.  Continue Reading