Single Sign-On (SSO) was introduced as both a user convenience and a security improvement. The idea was to let a user sign in once and reach all of their resources through a single set of credentials. Because users only have to remember one password, organizations could require greater password complexity, which improves overall password security. Unfortunately, this design also created additional security risks. If an attacker gains access to a user's master password, they also gain access to every resource and application enabled for that user, along with the data associated with those applications. One example is a SAML injection attack discovered last year that allows an attacker to exploit weaknesses in SSO and gain access to user accounts.
By Akshay Rohatgi and Randy Pargman

About this Student Research Project

Binary Defense's mission is