You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
-**Privacy**: a single provider will know the services you use.
-**Centralization**: if your SSO account gets compromised, so do all the services you connected to it.
-**Centralization**: if your SSO account gets compromised or you aren't able to login to it, all other accounts connected to it are affected.
SSO can be especially useful in those situations where you could benefit from deeper integration between services. For example, one of those services may offer SSO for the others. Our recommendation is to limit SSO to only where you need it and protect the main account with [MFA](multi-factor-authentication.md).
All of your accounts that use SSO will be as secure as your SSO account. For example, if you want to secure an account with a hardware key but that service doesn't support hardware keys, you can secure your SSO account with a hardware key and now you essentially have hardware MFA on all your accounts. However, the pendulum swings both ways; if the security on your SSO account is lax, then all of your other accounts are at risk.
### Phone number
Sometimes, services will request your phone number during signup. A phone number is highly identifying, especially if it's your main number. You should avoid giving out your real phone number if you can, but don't use a fake one that you can't receive SMS from; you might need to use the number later for account verification. You might consider purchasing a VOIP (Voice Over Internet Protocol) service, or utilize a phone number aliasing service.
