If I ran a saas company, i would charge more for users not use to SSO. Bigger risk storing passwords and managing login process(2FA, password reset etc).

▲

ethan_smith 2 days ago | parent | next [-]

This is the most security-aligned approach - storing credentials creates significant liability (breach risks, compliance requirements, password rotation policies) while offloading authentication to specialized providers reduces attack surface and improves user experience.

▲

sparrish 2 days ago | parent | prev [-]

If you ran a saas, you'd know how much more supporting SSO costs and sing a different tune.

▲

esseph 7 hours ago | parent | next [-]

This is a real problem of misaligned incentives.

▲

beacon473 2 days ago | parent | prev [-]

Why do some sites require SSO, without an option for a local (better term?) account?

I prefer to have a unique username and password for each service. KeepassXC is my SSO provider.

	▲	baq 2 days ago \| parent [-]
		keepassxc is not a good SSO provider for 100 employees.