
SSO being the single point for security is the entire point.

Compare that to every application having a login mask and querying active directory. There are so many more points of failure. If even just a single application has a vulnerability, then an adversary can just log the credentials and hope he finds one with elevated access rights.



Your example is almost equivalent, since even if you implement SSO on every one of those apps, this doesn't mean that every app has integrated it well.



