This post on Mastodon by SwiftOnSecurity applies to all “social logins” and federated authentication, including SSO (single sign-on). For enterprises, it’s a reminder that all security decisions are risk-balancing exercises. We at Procella are unabashed advocates for SSO, but that means choosing the SSO provider and platform carefully and pairing it with both an identity management system and a log management system. Ultimately, a reputable SSO provider is likely to be a safer choice than social logins because of its focus, and significantly better than individual users managing their own identities across many diverse applications.