There are many justifications for single sign on as a solution. Stripped of all the hubris, it’s because people can’t recall passwords. The claim of faster is also somewhat true. SSO is not like leaving your car unlocked so you can open the door quicker – however it is analogous to satisfying the guard at the gate. Just get past that one security barrier and you have full run of the estate… including the house, horse, carriage and contents of the safe.
Said Open Sesame magic is achieved via the expense and complexity of a technological architecture which under ideal conditions performs flawlessly. Unfortunately, Murphy’s Law must be factored. Whatever can go wrong, will go wrong. The aphorism is scientifically established as “fairly accurate and more than sufficient for most applications”. Sadly, that quote translates to more often than not, a convoluted approach merely leads to the establishment of new attack vectors or abets existing ones.
Recently it was reported when a single sign on system is SAML-based (very common), a bug allows one person to login as another. Lest this be seen as an exceedingly difficult hack, note that SAML is simply a more robust version of the HTML which is the basis for all web sites. Said another way, regardless of the ingenuity of the knot, if your door is tied shut with a string, it can be cut with a pocket knife.
What is the point?
If it all comes down to multiple passwords are a pain in the posterior: forget passwords – recognize familiar faces. The human species doesn’t struggle to recall a friend or family member. Factually, less than 2% of the world’s entire population suffers from prosopagnosia. The other 98% can glance at a crowd and separate the known from unknown in seconds. Plus they enjoy an endorphin rush as an added bonus. The FaceGuard login experience isn’t an inconvenience. It’s like a game the individual always win yet simultaneously a challenge that consistently thwarts even the most esoteric algorithms — as well as the trivial changes achievable by a local web site builder.
FaceGuard reduces internally opaque verification sequences to an easy to use system where who you know is the key. Unforgettable, fast, and fun.