Explains the distinction between SSO (streamlined login across services) and 2FA (additional security layer requiring secondary verification)
reference slug: platform/other/users/single-sign-on reference slug: platform/general/authentication/two-factor-authentication
Single Sign-On (SSO) and Two-Factor Authentication (2FA) are both authentication mechanisms, but they serve different purposes and operate in distinct ways:
Single Sign-On (SSO) allows users to log in once with a single set of credentials and access multiple systems or services without re-authenticating. Vultr supports SSO through identity providers compatible with the OpenID Connect (OIDC) standard, such as Okta, Google, Microsoft Entra ID, and OneLogin. SSO is particularly useful for organizations that want to centralize access control and streamline user management across multiple services.
Two-Factor Authentication (2FA), on the other hand, adds an additional layer of security to the login process. After entering your username and password, you must provide a second verification factor, typically a time-based one-time password (TOTP) from an authenticator app like Google Authenticator or hardware keys such as YubiKey.
While SSO centralizes access across services, 2FA ensures that even if credentials are compromised, unauthorized access is still prevented. Enable Single Sign-On for users and Two-Factor Authentication for your account.