What is single sign-on and what are its security trade-offs?

Single sign-on, or SSO, allows users to authenticate once and gain access to multiple applications and systems without re-entering credentials. Benefits include improved user experience, reduced password fatigue, fewer help desk calls for password resets, and centralized access management. The primary security risk is that compromising the SSO credential gives an attacker access to all connected systems, making it a single point of failure.