Form Based Authentication Implementation – SSO Alternatives

single sign-on (SSO)

 

Single sign-on is a constant talking point. You must have seen articles touting the benefits of SSO. Of course, we are in no way innocent either. SSO enables users to authenticate multiple applications and websites by logging in only once with a single set of login credentials. In other words, SSO provides simplicity in an authentication world that can be unnecessarily confusing. However, where do administrators turn when standard SSO is not an option? The easy answer is to use form-based authentication — a bright successor in a long line of SSO alternatives.

 

Understanding Form-Based Authentication

– In Theory and Practice

 

Form-based authentication is technically just a preferential term for the act of using standard web- or internet-based login forms. These 'forms' are generally editable and easy to use, and only require a fair amount of effort from the end-user before authentication is underway.

 

standard login form
A standard login form
 
However, with the evolution of SSO protocols and standardization of streamlining the authentication process, form-based authentication has taken on another meaning entirely. Form-based authentication is now a modern method for integrating applications into an existing Identity Provider (IdP) for SSO. Specifically, form-based authentication integrates older legacy applications and other web-based applications that do not support standard SSO protocols, such as SAML, Shibboleth, CAS, or Kerberos.

 

Instead of making users and organizations ‘bite the bullet,’ form-based authentication provides a workable alternative when partnered with a flexible IdP

 

The Importance of SSO Alternatives

 

Flexibility is a key consideration when adopting an SSO solution or finding an IdP for your environment. Unfortunately, SSO alternatives are often left on the cutting room floor. However, they should never be left out when looking to provide the best solution for your end-users and administrators. SSO is only the first step towards balancing security and usability. Applications that do not fit the mold will weaken the overall benefits of the SSO solution in place. Form-based authentication exists to modify that mold. 

 

Many organizations have embarked on a journey of digital modernization, migrating older applications over to their modern counterparts. However, legacy applications do not often support modern SSO protocols. Furthermore, as seen in many educational institutions, not every modern application is built with SSO in mind. Form-based authentication is the best SSO alternative to retain the same level of convenience and security found in true SSO. 

 

With PortalGuard, form-based authentication is part and parcel to a thorough SSO solutionAdministrators need only configure a template to integrate with the IdP, which stores, hashes, and encrypts authentication data. This data is then used automatically in subsequent authentication attempts without prompting the end-user. The implementation is only as complex as it needs to be, and typically requires no client-side software or implementation.  

 

With form-based authentication in place, there is no reason why security and usability are not within reach. 

 

BIO-key resource center

 

Tags: SSO, User Experience, Dynamic Analysis, Password Management, Single Sign-On (SSO), User Authentication