Among the many benefits of LastPass for secure password management is the use of the security assertion markup language (SAML) standard for authentication, streamlining essential cybersecurity practices and capabilities including single sign-on (SSO).

  • SAML means users can easily access multiple applications or services with a single set of login credentials.
  • SAML can therefore enhance cybersecurity as well as end-user experience.


HOW SAML WORKS

Based on eXtensible markup language (XML) for data storage and transportation, the open SAML standard was developed to enable the transfer of authentication data between a trusted third-party identity provider and a service provider. It allows users to authenticate once across several web services and applications - which obviously makes life simpler for them.

The latest SAML 2.0 standardisation in LastPass covers authentication statements, attribute statements, and authorisation decision statements - enabling admins to understand if a user has been successfully authenticated and why and when, providing customisable details about user attributes such as their organisation role and contact info, and giving details about what users are authorised to do or see.


SIX STEPS TO SECURE ACCESS

  1. User requests access to a service
  2. Service provider generates and sends SAML message to the identity provider
  3. User is redirected to a secure login site and asked for credentials
  4. User credentials are verified or not
  5. If verified successfully, the identity provider sends a SAML response
  6. Only then does the service grant user access


Previously SSO relied on authentication tokens only visible within corporate intranet or connected services. If users sought access to applications outside that single domain, they needed further authentication. They'd need to reconfirm their identity and reauthorise all over again - considerably slowing productivity, in many cases.

When trying to access data via an in-house financial application, before being able to make use of the data, they'd also need access to a secure external web service - because they were leaving one domain for another.


  • SAML swaps domain-specific processes for centralised identity management, using encrypted digital tokens that are session-based, persisting across applications, and boosting both flexibility and security. On logout or shutdown, sessions terminate.
  • SAML - seamlessly integrated with LastPass - means staff can authenticate once with SSO, redeploying that organisation across a number of services providers, with a chance to both increase productivity and reduce cost. It also reduces management overheads for multiple sets of login and authentication data across internal and external applications.
  • At the same time, organisations benefiting from SAML can keep pace with app proliferation. Security challenges can be managed via digitally signed messages with certified keys - and users can also implement MFA, adding another security layer.


Read more about SAML in LastPass - here.




ASK TEAM QBS ABOUT MORE LASTPASS BENEFITS

  • LastPass has just launched a compliance centre for delivering security assurance information that's up to the minute, incorporating the Drata compliance platform.
  • LastPass password management solutions also enable secure credential sharing when employees and clients require access, strong administrator controls for managing company-wide LastPass policies, accounts and password security, the ability to configure, authenticate and secure on-site organisations as well as remote-working teams, and adaptive authentication that takes security beyond standard two-factor approaches.
  • And much more.


Email QBS at: [email protected]
Telephone QBS on: +44 (0) 20 8733 7100





( Image by Achin Verma from Pixabay )