What Is SSO?
Single Sign-On (SSO) is a secure sign-in system that allows you to use one username and password to access multiple applications, such as websites or desktop applications. Instead of remembering different passwords for each application, you only need one: your Villanova Account.
Once you are signed in, you can move between approved applications like Blackboard, Self-Service Banner, Outlook Email, Zoom, or OneDrive without logging in again. SSO makes access faster and easier while reducing password fatigue and reuse risks.
In short, SSO streamlines access to the applications you use every day while improving security. When you sign in through SSO, built-in protections like multi-factor authentication (MFA) are already part of the experience, providing a strong, layered defense for university systems and data.
SSO is the University's required authentication standard for all supported applications and users. It is not optional for systems that are integrated with University identity services.
All new applications must be
onboarded and configured for SSO unless an exception is formally approved through Information Security.
Benefits of SSO
- Stronger security: Fewer passwords to manage reduces risky reuse.
- Simpler logins: One password for all connected applications.
- Faster access: Click once, reach many applications.
- Fewer resets: Fewer Service Desk tickets for lost passwords or troubleshooting login issues
- Future-ready: Works well with MFA and other security layers.
- Consistent protection: Ensures all SSO-enabled applications automatically follow the University’s authentication standards.
How SSO Works
SSO is built around trust between connected applications. When you log in once, the application issues a secure token (a digital key) that confirms who you are. That login is then trusted by all other connected applications.
Here is what happens during the login process:
- You sign in through Villanova University's SSO page.
- Your identity is verified and a secure token (a digital key) is created.
- As part of the sign-in process, you may be prompted to complete MFA (such as Duo or Microsoft Entra Authenticator), depending on the application and access context.
- When you open another approved application, that application checks with Villanova University's SSO service.
- The token confirms your identity, and access is granted with requiring a new login.
This process relies on industry standards such as Security Assertion Markup Language (SAML) and OpenID Connect (OIDC).
Authentication Standard and Fallback
To comply with the Account and Passwords Standard, Villanova uses a layered authentication approach to ensure secure and reliable access:
Option 1 (Required): Configure for SSO
All supported applications must use SSO. SSO already includes the University’s account, password, and MFA requirements, so no additional setup is needed by the user.
Option #2 (Fallback): Password + MFA
If SSO is unavailable, access must use a password combined with MFA. This adds an extra verification step (such as a push notification, code, or biometric factor) to confirm your identity and significantly reduces the risk of unauthorized access, even if credentials are compromised.
Option 3 (Fallback): Strong Password/Passphrase
If Password + MFA is not supported or MFA cannot be used, a complex password or passphrase is required. This should be long, unique, and not reused across systems to maintain a strong level of protection.
This layered model ensures continued access while maintaining appropriate security controls under different scenarios.
Common Types of SSO
| Type |
What it Does |
| SAML |
Securely shares login data so browser-based applications can sign you in without separate passwords. |
| OAuth |
Lets one application access limited info from another (with your permission) without sharing your password. |
| OpenID Connect (OIDC) |
Adds user identity on top of OAuth so you can “Sign in with Google/Microsoft/etc.” across applications. |
| Kerberos |
Uses encrypted tickets so both you and the application verify each other. |