Pentesters Chat - The Double-Edged Sword of Single Sign On (SSO)

The Sprocket testing team discusses Single Sign On (SSO).

On this episode of Pentesters Chat, our team explores single sign on (SSO). The testers debate the good and the bad that comes with SSO, like:

- Improved user experience with only needing to log in once to access multiple application and services.
- Credential stuffing after a user's credentials are compromised and attackers can potentially use these creds to attempt unauthorized access to other services.
- Centralized access control for administrators to manage user access to multiple applications from a single point.
- Account takeover via identity providers (IdPs) misconfiguration could allow an attacker to take over accounts or impersonate legitimate users.

On this episode from the Sprocket Team:

Ron Edgerson
Nate Fair

[data-sal|='fade'], [data-sal|='flip'], [data-sal|='slide'] [data-sal|='slide-up'], [data-sal|='zoom'] { opacity: 1; transform: none; }

Manage Cookies