Avoiding Password Fatigue: Single Sign-On versus Password Synchronization

Password fatigue happens when a user is forced to remember an excessive number of passwords as part of their daily life. On average, a typical internet user has over 130 password-protected accounts. This rationalizes ideas like using a single password for every account or creating a password that is easy to remember, and normalizes practices like writing passwords down on sticky notes.

Various solutions have been deployed to overcome password fatigue. These include:

  • Single Sign-On software (SSO) - Users use a single login ID and password to log in to an application, which then gives them access to a variety of accounts.
  • Integrated password management software - Software or hardware that requires the user to create a master password to access an encrypted password database.
  • Password recovery - A feature that allows the user to retrieve their password through secondary information tied to their account.
  • Password synchronization - A process through which a user maintains a single password across multiple IT systems.

Single Sign-On Software (SSO)

Single Sign-On enables access to multiple independent, yet related, systems with a single user ID and password. This is done through a central domain that performs authentication. Each time a user visits a domain that requires authentication, they are redirected to the authentication domain, where they are already logged in. From there, they are immediately redirected back to the original domain with the necessary authentication token.

It greatly reduces the time spent re-entering passwords for a single identity, reduces the number of IT help desk calls about passwords and consequently lowers IT costs. SSO helps in managing a large volume of users across a wide range of applications and services.

However, there are also security concerns with SSO, as the loss of a single password can expose all of the user's data. It also leaves the user no choice about releasing personal information to each new resource that the user visits. SSO therefore requires very strong authentication methods.
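To make the redirect flow above concrete, the following is an added example (not code from the original article or from any SSO product) of a toy central authentication domain and two relying applications. The user's password is verified once; each application then receives a short-lived token bound to its own name and checks the signature, audience and expiry before trusting it. The signing key, salt, user name and password are constructed sample values, and the HMAC token format is a simplification chosen for illustration.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time

# Constructed sample values: a real deployment would keep these in a secret store.
IDP_SIGNING_KEY = b"constructed-sample-signing-key"
_SALT = b"constructed-salt"


def _hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed user store: username -> salted password hash.
USERS = {"alice": _hash_password("correct horse battery staple", _SALT)}


class AuthDomain:
    """Central authentication domain: checks the password once, then issues tokens."""

    def __init__(self):
        self.sessions = {}  # session id -> username

    def login(self, username, password):
        stored = USERS.get(username)
        if stored is None or not hmac.compare_digest(stored, _hash_password(password, _SALT)):
            return None
        sid = secrets.token_hex(16)
        self.sessions[sid] = username
        return sid

    def issue_token(self, session_id, audience, ttl=300, now=None):
        """Called when an application redirects an already-logged-in user here."""
        username = self.sessions.get(session_id)
        if username is None:
            return None  # no session: the user would be shown the login page instead
        now = time.time() if now is None else now
        payload = {"sub": username, "aud": audience, "exp": now + ttl}
        body = base64.urlsafe_b64encode(json.dumps(payload).encode())
        sig = hmac.new(IDP_SIGNING_KEY, body, hashlib.sha256).digest()
        return body + b"." + base64.urlsafe_b64encode(sig)


class Application:
    """A relying application that trusts the auth domain's tokens, nothing else."""

    def __init__(self, name):
        self.name = name

    def accept_token(self, token, now=None):
        """Return the username if signature, audience and expiry all check out, else None."""
        if token is None:
            return None
        try:
            body, sig_b64 = token.split(b".")
            sig = base64.urlsafe_b64decode(sig_b64)
        except (ValueError, TypeError):
            return None
        expected = hmac.new(IDP_SIGNING_KEY, body, hashlib.sha256).digest()
        if not hmac.compare_digest(sig, expected):
            return None
        payload = json.loads(base64.urlsafe_b64decode(body))
        now = time.time() if now is None else now
        # A token minted for one application must not be accepted by another,
        # and an expired token must not be accepted at all.
        if payload["aud"] != self.name or payload["exp"] < now:
            return None
        return payload["sub"]


def sso_flow(password, now=None):
    """One password entry, then two applications reached via redirect to the auth domain."""
    idp = AuthDomain()
    sid = idp.login("alice", password)
    if sid is None:
        return []
    results = []
    for app in (Application("mail"), Application("wiki")):
        token = idp.issue_token(sid, app.name, now=now)
        results.append(app.accept_token(token, now=now))
    return results


if __name__ == "__main__":
    print(sso_flow("correct horse battery staple"))
```

The audience and expiry checks are the part worth copying: they are what keeps a single token from becoming a key to every application, which is the concern raised above about one lost credential exposing everything.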

Password Synchronization

Password synchronization enables the user to maintain a single password across multiple IT systems. This can be implemented in two ways:

  • Transparent password synchronization, where a password change in the native domain is automatically transferred to other systems and applications through the password management system.
  • Web-based password synchronization, where the user can change all of their passwords at once using a web application.

The user can select the systems that they want to include in the password synchronization group.

Password synchronization copies password hashes from one system to another. When passwords are synchronized, the plain-text version of the user's password is not exposed to the password sync tool or any associated services.

Just like SSO, password synchronization has security issues, as the compromise of one password exposes all of the user's data. It is also limited in that passwords can only be synchronized between systems with mutually compatible password standards, such as password length and character restrictions.
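The following is an added example (not code from the original article or from any password management product) modelling a password synchronization group as described above. Each system has its own password policy; the native system enforces the strictest combination of those policies, hashes the new password, and the sync step copies only the salted hash to the other members. It also shows the compatibility limitation: two systems whose length rules cannot both be met form a group that no password can satisfy. System names, policies and the sample password are constructed.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass, field


@dataclass
class PasswordPolicy:
    """A constructed, simplified password standard for one system."""
    min_length: int = 8
    max_length: int = 128
    require_digit: bool = False

    def violations(self, password):
        problems = []
        if len(password) < self.min_length:
            problems.append(f"shorter than {self.min_length}")
        if len(password) > self.max_length:
            problems.append(f"longer than {self.max_length}")
        if self.require_digit and not any(c.isdigit() for c in password):
            problems.append("contains no digit")
        return problems


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class System:
    name: str
    policy: PasswordPolicy
    credentials: dict = field(default_factory=dict)  # username -> (salt, hash)

    def set_password(self, username, password, policy):
        """Validate against the given policy, then store a fresh salted hash."""
        problems = policy.violations(password)
        if problems:
            return problems
        salt = os.urandom(16)
        self.credentials[username] = (salt, hash_password(password, salt))
        return []

    def verify(self, username, password):
        entry = self.credentials.get(username)
        if entry is None:
            return False
        salt, digest = entry
        return hmac.compare_digest(digest, hash_password(password, salt))


class SyncGroup:
    """The set of systems a user has chosen to keep on one password."""

    def __init__(self, systems):
        self.systems = list(systems)

    def combined_policy(self):
        """The strictest rule from each member; a password must satisfy all of them."""
        return PasswordPolicy(
            min_length=max(s.policy.min_length for s in self.systems),
            max_length=min(s.policy.max_length for s in self.systems),
            require_digit=any(s.policy.require_digit for s in self.systems),
        )

    def is_satisfiable(self):
        p = self.combined_policy()
        return p.min_length <= p.max_length

    def change_password(self, native, username, new_password):
        """Transparent sync: the native system takes the change, the others get the hash."""
        problems = native.set_password(username, new_password, self.combined_policy())
        if problems:
            return problems
        entry = native.credentials[username]
        for system in self.systems:
            if system is not native:
                # Only the (salt, hash) pair travels; the sync path never sees plaintext.
                system.credentials[username] = entry
        return []


if __name__ == "__main__":
    hr = System("hr", PasswordPolicy(min_length=12))
    mail = System("mail", PasswordPolicy(require_digit=True))
    group = SyncGroup([hr, mail])
    print(group.change_password(hr, "alice", "long enough with 1 digit"))
    print(mail.verify("alice", "long enough with 1 digit"))
```

Copying the identical hash to every member is exactly why one compromised system exposes the others: the stored secret is the same everywhere, so a defender should treat every member of a sync group as sharing the weakest member's exposure.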

The Contrast between SSO and Password Synchronization

  • In password synchronization, the user logs on to every single system using the same ID and password, whereas in SSO the user is set up with multiple IDs and passwords but enters only one at the initial log-in.
  • When the help desk performs a password reset under password synchronization, it is propagated to all systems, reducing the service cost per call. In SSO, the password reset applies to the specific system and depends on the SSO component software to preserve the user's single sign-on function.
  • Password synchronization does not impact the existing access management process, as a log-on is still required for each system. In SSO, by contrast, users must be provided with passwords that do not expire.

Both approaches help with password fatigue by giving the user the option to remember only one password. However, with SSO the user can access all systems once logged in, making the physical compromise of a workstation more serious.

SSO is more complicated and expensive to implement, as it requires client software deployment. Most SSO failures are infrastructure failures, which are costlier than password synchronization failures, which only affect individual users. When it comes to end-user experience, however, SSO is friendlier, as it reduces the number of times a user needs to type their ID and password.