I take issue with this part...
" Historically an employee would have a single account in a central authentication server like Microsoft's Active Directory that would give them access to networks and applications. When the employee left the company, all that was needed was disabling or deleting that single account.
"Today, however, an organization may have dozens of SaaS solutions in use, many with stand-alone authentication systems not tied to the company's internal authentication database," Clements told The Register. "
Historically, you'd have umpteen passwords and logins because most of the systems wouldn't connect to AD.
We're now entering a world of SSO, where almost everything can be authenticated with a single Microsoft or Google ID.
The danger isn't that we're increasing the number of logins, but that as the number of logins decrease, we're liable to get blasé and assume that one click kills all logins, when it doesn't.
Biting the hand that feeds IT
