[rbranson]

One thing to remember in all of this is that services like OneLogin are likely a huge upgrade in security for their customers. They lower the barriers for moving away from things like shared passwords and poorly functioning in-house SSO setups.

It's easy for a Gartner analyst to sit behind a desk and pontificate about the ultimate-most-secure single-sign-on, but resource constraints are a thing. SaaS SSO is a very reasonable compromise for those who don't have the time, money, or talent to invest in on-premise infrastructure.