Hacker News
by labcomputer 669 days ago
1. It’s usually for institutions. If my email address is username@bigco.com, an attacker already knows that I use BigCo Inc’s internal SSO.

2. It avoids having users type (or autofill) their passwords, so if one of (for example) BigCo’s vendors is compromised, the attackers don’t learn the passwords of BigCo employees.