Take your SSH password management to the next level of iron clad security. Pleasant Universal SSO is the revolutionary approach to storing and securing passwords and other company secrets, so that they are centrally controlled, but never viewable nor accessed through any employee devices.
- Maximum Security
- Easy for Users
- Reduce Costs
Like the idea but want to see if it is right for you? Let's have a one-on-one discussion to guide you through it.Request Demo
- Linux/Unix Prompts (SSH)
Password managers allow user to easily access passwords, but when they are accessed through a workstation or other device, they are immediately subject to a variety of risks:
- Employees and ex-employees can or may have recorded passwords, and can use them for unauthorized access to company portals.
- Malware like Keyloggers and Trojans can steal login credentials which can lead to hacking of company databases and stealing valuable secrets.
- Auto-fill or copy-and-paste tools may appear to mask the password, but are still recordable by an infected workstation or an employee.
- Bring Your Own Device (BYOD) allows for great flexibility for employees to access anywhere and anytime, but it makes access controls much more difficult to manage.
What is Universal SSO?
Universal SSO (Single Sign On) is a revolutionary approach to SSH password management. Designed with multiple components protected by patent law, it eliminates the need for any employee to ever have direct access to login credentials. Users are assigned a Password Pleasant Password Server account with only one username and password, which they use to log into any resource requiring password access.
Universal SSO is currently in beta. It is already more secure to use it than not to use it, because it fundamentally reduces the number of computers and users who have access to the credentials, but we are working on full penetration tests before we take the module out of beta.
How does Universal SSO work?
- If using for the first time, user devices require a simple configuration.
- The user then accesses the entry in Password Server for the resource they want to log in to.
- Following the instructions in Password Server, they connect with the client application.
- They sign in with their Password Server credentials.
- Universal SSO goes through an authentication process, ensures that user is valid, populates the actual login credentials from the database, and logs in the user.
- The credential is never copied onto the local device, so there is no ability to record it by the user, cookies, malware, or by any other recording tools.
SSO server provides clear benefits for every level in the organization – Shareholders (The Company), IT Managers and Employees. We call it the Win-Win-Win solution.
- Your company can eliminate the risk of password-based attacks.
- Complex passwords can be set for access to any website, as the user never sees the username or password, and attack methods could not crack the character string with hacking tools.
- It operates invisibly to the end application, so it can be instantly implemented.
- There is significantly reduced costs due to:
- Less password resets by admin.
- Less employee inquiries for password reset and wasted time.
- Reduced IT support center volume.
- Risk-of-loss, which can be millions of dollars and catastrophic.
- Complete control of password creation and assignment to users, so password policies can be effectively established and/or enforced with un-crackable password strings.
- Password history and resets can be done quickly and easily.
- Two-factor authentication can be added
- Terminated employees can have their SSO password turned off, so effectively all the access points the employee had are easily turned off (this could be 100’s of logins).
- External parties can be granted access to a company resource, but not provided an actual credential.
- Password credentials, once assigned, can be configured as visible or non-visible to users:
- Visible credentials can be viewed with the Pleasant Password Server desktop client or web client.
- Non-Visible credentials can only be used through the Password SSO.
- SSO entries can be used for other credential access like company credit card information.
- Access limits can easily be implemented and enforced:
- Time of day access.
- Number of accesses over a time period.
- Purchase amount or frequency on a supplier site like Staples online store.
- Complete logging of user access for auditing purposes.
- Don’t have to worry that the companies anti-malware software has been updated to the latest version.
- Users only have to remember 1 login credential which is for their Universal SSO access.
- Can be used the exact same way on any device, both inside and outside the office.
Given the possible risk of loss to the organization if critical information is hacked, it is likely that Universal SSO is the most valuable solution your company could ever consider. But don’t take our word for it, try it for yourself.
Already using Universal SSO and need help with setup or functionality?Check the wiki for help!