top | item 40752642

(no title)

Missing one of the key reasons: most SMBs are sharing seats (usually in violation of the license terms for the products they're using), which is rather harder with good SSO products. Per seat licensing for b2b products is lucrative, but carries the risk that you're just pushing your customers to share passwords, which is usually way worse for security.

discuss

revicon|1 year ago

Forced two factor auth can often solve this kind of thing though.

hananova|1 year ago

Why would that help? Where I work we have a central server with some phones connected that act as the 2FA devices for every service where not all employees have their own account, with an internally developed browser extension that grabs the access code from this server upon login.

modo_|1 year ago

Only if you require text message based two factor. Password managers like 1Password allow you to store your OTP within them and share that + the password internally within your team