Take your password management to the next level of iron clad security. Pleasant Universal SSO is the revolutionary approach to storing and securing passwords and other company secrets, so that they are centrally controlled, but never viewable nor accessed through any employee devices.
- Maximum Security
- Easy for Users
- Reduce Costs
Like the idea but want to see if it is right for you? Let's have a one-on-one discussion to guide you through it.Request Demo
- Web Browser
- Unix Prompts (SSH)
- Windows RDP (coming soon)
- Databases (MSSQL, PostgreSQL, etc., coming soon)
Password managers allow user to easily access passwords, but when they are accessed through a workstation or other device, they are immediately subject to a variety of risks:
- Employees and ex-employees can or may have recorded passwords, and can use them for unauthorized access to company portals.
- Malware like Keyloggers and Trojans can steal login credentials which can lead to hacking of company databases and stealing valuable secrets.
- Auto-fill or copy-and-paste tools may appear to mask the password, but are still recordable by an infected workstation or an employee.
- Bring Your Own Device (BYOD) allows for great flexibility for employees to access anywhere and anytime, but it makes access controls much more difficult to manage.
What is Universal SSO?
Universal SSO (Single Sign On) is a revolutionary approach to password management. Designed with multiple components protected by patent law, it eliminates the need for any employee to ever have direct access to login credentials. Users are assigned a Password Pleasant Password Server account with only one username and password, which they use to log into any assigned website requiring password access.
Universal SSO is currently in beta. It is already more secure to use it than not to use it, because it fundamentally reduces the number of computers and users who have access to the credentials, but we are working on full penetration tests before we take the module out of beta.
How does Universal SSO work?
- User logs into the SSO server with their assigned username and password. The frequency in which they do this is configurable (ie. Once a day, week, month, etc.).
- If using for the first time, user devices and browsers require a simple configuration.
- The user then accesses the url they want to log in to.
- They type in their placeholder username and password.
- Universal SSO goes through an authentication process, ensures that user is valid, populates the url login credentials from the database, and logs in the user.
- The credential is never copied onto the local device, so there is no ability to record it by the user, cookies, malware, or by any other recording tools.
SSO server provides clear benefits for every level in the organization – Shareholders (The Company), IT Managers and Employees. We call it the Win-Win-Win solution.
- Your company can eliminate the risk of password-based attacks.
- Complex passwords can be set for access to any website, as the user never sees the username or password, and attack methods could not crack the character string with hacking tools.
- It is compatible with virtually every web-application, so it can be instantly implemented.
- There is significantly reduced costs due to:
- Less password resets by admin.
- Less employee inquiries for password reset and wasted time.
- Reduced IT support center volume.
- Risk-of-loss, which can be millions of dollars and catastrophic.
- Complete control of password creation and assignment to users, so password policies can be effectively established and/or enforced with un-crackable password strings.
- Password history and resets can be done quickly and easily.
- Two-factor authentication can be added so it can be applied to all website access, not just those few websites that have two-factor authentication enabled
- Terminated employees can have their SSO password turned off, so effectively all the access points the employee had are easily turned off (this could be 100’s of logins).
- External parties can be granted access to a company website, but not provided an actual credential.
- Password credentials, once assigned, can be configured as visible or non-visible to users:
- Visible credentials can be viewed with the Pleasant Password Server desktop client or web client.
- Non-Visible credentials can only be used through the Password SSO.
- SSO entries can be used for other credential access like company credit card information.
- Access limits can easily be implemented and enforced:
- Time of day access.
- Number of accesses over a time period.
- Purchase amount or frequency on a supplier site like Staples online store.
- Complete logging of user access for auditing purposes.
- Don’t have to worry that the companies anti-malware software has been updated to the latest version.
- Users only have to remember 1 login credential which is for their Universal SSO access.
- Can be used the exact same way on any device, both inside and outside the office.
- Stored passwords for Root URLs will function for any variant URL.
- Passwords stored for www.website.com will also log you in from www.website.com/login.php or www.website.com/?ref=384629
- Will be able to include personal login credentials for sites like social media, personal bank, etc..
- Making purchases for the company can be simple:
- Don’t have to feel the responsibility having company financial assets like credit cards.
- No need to track down the boss to get his credit card.
- No more inconvenience for managers having to complete purchases on behalf of employees.
Given the possible risk of loss to the organization if critical information is hacked, it is likely that Universal SSO is the most valuable solution your company could ever consider. But don’t take our word for it, try it for yourself.
Already using Universal SSO and need help with setup or functionality? Check the wiki for help!