Single-sign on (SSO) and federated identity

Enterprise single sign-on (SSO) technologies can help reduce help-desk calls and user mistakes by consolidating credentials into one single password for all applications and services. Read the news and technical advice here to find deployment strategies and practical advice for SSO and federated identity.

October 28, 2020 28 Oct'20
Ping Identity launches passwordless authentication system

Ping's new suite of authentication features looks to secure accounts and login processes by eliminating the need for usernames and passwords, which are often reused and an easy target.
July 10, 2020 10 Jul'20
Cybercriminals auction off admin credentials for $3,000

Threat actors are auctioning off domain administrator accounts, selling access to the highest bidder for an average of $3,139 and up to $140,000, according to Digital Shadows.
August 08, 2019 08 Aug'19
'Dupe' there it is: SAML authentication bypass threatens Microsoft

Micro Focus security researchers demonstrated a new technique, dubbed 'dupe key confusion,' which allows threat actors to bypass Microsoft's SAML token validation.
July 09, 2019 09 Jul'19
OneLogin Desktop Pro for Windows reduces password load

By eliminating the need for remote workers to sign into Active Directory to access their network, OneLogin's Desktop Pro for Windows aims to make working remotely easier, according to the vendor.

Bring yourself up to speed with our introductory content

How self-sovereign identity principles suit the modern world

There are several core self-sovereign identity principles to consider before the concept can benefit the enterprise. Learn about the implications of SSI advancements in this Q&A. Continue Reading
single sign-on (SSO)

Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials -- for example, a name and password -- to access multiple applications. Continue Reading
identity provider

An identity provider is a system component that is able to provide an end user or internet-connected device with a single set of login credentials that will ensure the entity is who or what it says it is across multiple platforms, applications and ... Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Guide to cloud security management and best practices

This cloud security guide explains the challenges facing enterprises today, best practices for securing and managing SaaS, IaaS and PaaS, and comparisons of cloud-native security tools. Continue Reading
Explore self-sovereign identity use cases and benefits

The future of digital identity may look a lot like how we identify ourselves in real life. Learn more about self-sovereign identity use cases and features in this excerpt. Continue Reading
What is identity and access management? Guide to IAM

Identity and access management (IAM) is a framework of business processes, policies and technologies that facilitates the management of electronic or digital identities. Continue Reading

Learn to apply best practices and optimize your operations.

6 key identity and access management benefits

Identity and access management is beneficial not just for users, security and IT admins, but also enterprises as a whole. Read up on the six key advantages of an IAM framework. Continue Reading
How to build an effective IAM architecture

Identity and access management is changing and so must strategies for managing it. Read up on IAM architecture approaches and how to select the best for your organization. Continue Reading
Zero-trust model case study: One CISO's experience

Adopting a zero-trust environment was the right move for GitLab, according to the company's former security chief, but it may not be well suited for all enterprises. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

For minimum password length, are 14-character passwords sufficient?

When it comes to minimum password length, 14-character passwords are generally considered secure, but they may not be enough to keep your enterprise safe. Continue Reading
Single sign-on best practices: How can enterprises get SSO right?

Proper planning is at the top of the list for single sign-on best practices, but it's important to get enterprise SSO implementations off to a good start. Here's how to do it. Continue Reading
Insecure OAuth implementations: How are mobile app users at risk?

Mobile apps using insecure OAuth could lead to over one billion user accounts being attacked. Expert Michael Cobb explains how developers can implement OAuth securely. Continue Reading