Single Sign On and Passwordless Strategy

Y F Lai, Head of Infrastructure Systems

Users may find it a nuisance to authenticate with different CAS identity providers for applications that have different access control requirements of staff, students, alumni, or a combination of these affiliations. Recently, ITSC are making an effort to consolidate various identity providers to achieve the true Single Sign On (SSO) experience, where users are no longer required to enter their primary and secondary credentials multiple times in different identity providers, so as to improve the logon experience. From a security perspective, users will be more conscious about providing their password to untrusted authorities that are requesting your credentials.

The full consolidation will be completed around early 2021. This exercise should be transparent to most applications. However, some application administrators may be contacted by us for a change because of this exercise.


​​​​​​​Lastly, the identity providers’ consolidation is our strategy to support password-less authentication as it introduces more stringent security with user friendliness. Soon, users will only need to register once with their authenticator devices such as their mobile phones or their Windows desktop to identity providers. They will not need to enter their credentials in authenticating applications. Please stay tuned for the upcoming announcements.