What is SSO? Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID and password to any of several related, yet independent software systems. True single sign-on allows the user to log in once and access services without re-entering authentication factors. What is Two-factor Authentication? Two-factor authentication […]
Single sign-on (SSO) is an authentication scheme that allows a user to log in with a single ID and password to any of several related, yet independent software systems.
True single sign-on allows the user to log in once and access services without re-entering authentication factors.
Two-factor authentication (2FA), sometimes referred to as two-step verification or dual-factor authentication, is a security process in which users provide two different authentication factors to verify themselves. This process is done to better protect both the user's credentials and the resources the user can access.
Active Directory Federation Services (ADFS), a software component developed by Microsoft, runs on Windows Server operating systems and provides users with single sign-on access to systems and applications located across organizational boundaries.
[caption id="attachment_31843" align="aligncenter" width="644"]
Yubico offers different types of "YubiKeys". The most recent release is the YubiKey 5 Series, which comes in USB-A, USB-C, Lightning, and NFC.[/caption]
The YubiKey is a device that makes two-factor authentication as simple as possible. Instead of a code being texted to you or generated by an app on your phone, simply plug in your YubiKey and press a button. Each device has a unique code built into it, which generates additional codes that help confirm your identity.
YubiKey is used by leaders in the tech industry across widely recognized platforms and software services. These include Microsoft, Google, Amazon, eBay, GitHub, Citrix, SalesForce, DropBox, Facebook, and Twitter, among others.
When the user plugs in their YubiKey and presses the button to generate the token, the first 12 characters of the code are the YubiKey ID.
ADFS compares the first 12 characters with the YubiKey ID added in the custom attribute. If they match, ADFS sends an API call to a cloud API gateway from the YubiKey. This API call confirms whether the code is valid.
Once validated, the SSO session is confirmed. The user is redirected to their FileCloud dashboard. The whole process is easy, fast, and secure.
Article written by Wail Bouziane
