Updated: June 1, 2023
It’s no secret that threat actors want your passwords. Employee credentials can let these threat actors easily burrow into your networks and access your data, whether that data is stored on-premises or in the cloud. In fact, more than 80% of data breaches can be attributed to stolen credentials, according to Verizon’s Data Breach Investigations Report.
Many businesses use single sign-on (SSO) technologies to help secure cloud-based web applications and Software-as-a-Service (SaaS) solutions. SSO is a secure way of giving workers access to multiple apps using a central identity system. Thus, SSO means fewer and stronger passwords, streamlined IT control, added security, and an improved user experience.
However, system administrators have learned that SSO alone can't reliably protect employee credentials for every account, cloud-based or not. And threat actors know that. They understand that stealing employee credentials is a high-reward, low-effort way to break into corporate networks and pilfer data.
The security benefits of SSO and password managers
SSO provides a secure way for you to grant users access to multiple applications with a single set of login credentials per session. Once a team member logs in, they are authenticated for all SSO applications for which they have access—without having to remember, type, or reset passwords. That can result in fewer password-related help desk calls, which in turn can lower costs and boost operational efficiencies.
SSO is mandatory for specific business accounts, which gives you more control over mission-critical applications and platforms. At the same time, SSO reduces the number of credentials in use because the technology uses tokens, rather than passwords, for authentication. Fewer passwords mean fewer ways threat actors can break into your systems and networks.
A password manager provides a secure way to make sure that people use strong passwords across both work and personal accounts. The technology automates the generation of unique, complex passwords and encrypts and stores credentials in a centralized location. As with SSO, password managers enable individuals to access all their supported applications with one master password.
The combined power of two
Separately, SSO and password managers bring a set of security capabilities that are critical to safeguarding user accounts and credentials. The real power, however, lies in the combination of the two. Here are six ways integrating a password manager with SSO benefits businesses and even employees.
- Password managers can significantly improve an organization’s security posture by identifying and eliminating weak and reused passwords.
- IT gains greater visibility into all apps and services in use and can ensure that strong passwords protect unknown services or applications that employees may have installed themselves, a practice known as shadow IT.
- SSO and a password manager together can also increase storage capabilities. SSO is fully compatible only with cloud applications that support the SAML protocol. If an application doesn’t support SAML, most SSO solutions will only store and manage usernames and passwords. Password managers, on the other hand, can securely store a range of digital information, like payment information and Secure Notes, as well as encryption keys and digital certificates.
- Integration of SSO and password managers can ensure that all credentials and metadata are captured and stored in the same central repository.
- SSO and a password manager together can reduce the number of credentials used, which, in turn, can limit the number of passwords that can be compromised.
- A password manager integrated with SSO can allow employees to manage their passwords through features like automatic password generation. As a result, employees will always have strong, unique passwords for new accounts, and they can easily replace old credentials.
- Many password managers come with functionality organizations want that SSO alone can’t provide, such as passkey support, dark web monitoring, password health scores, a VPN, and storage for personal logins in addition to professional ones.
Dashlane’s Confidential SSO feature
Dashlane truly believes in the power of combining SSO and a password manager. That’s why we were the first password manager to use secure enclaves and confidential computing to protect the privacy and security of our customer data. With Dashlane’s Confidential SSO solution, Dashlane Business customers can log in to Dashlane with their existing company SSO credentials. They have one less password to remember, and admins have one less service to manage—all while still benefiting from the same zero-knowledge architecture.
When users log in with Dashlane Confidential SSO, they trust their identity provider (IdP) with their authentication credentials, which are transferred through a secure enclave. The enclave will only deliver secrets when presented with the correct credentials from the user. Secrets are transmitted through a secured tunnel, and the data processed inside the enclave remains confidential—even Dashlane cannot access it.
With Dashlane Confidential SSO, organizations of all sizes experience enterprise-level security, IT admins get seamless integration, and employees can log in to Dashlane using their company credentials. It’s a win-win-win!
Double the security
For many companies, implementing a low-cost password manager represents a logical first step in securing user credentials and data. But password managers alone cannot protect all accounts and cloud applications across the business. To do so, you’ll need to combine password management with an SSO solution.
To learn more about how to integrate SSO with a password manager, download our white paper, The Power of Integrated SSO and Password Management. To learn more about Confidential SSO, visit our website.