security

encyclopedia

S (36)
Explore Encyclopedia

IDENTITY SPRAWL

Identity sprawl refers to the growth in the many separate, incompatible accounts a user creates to access online services. As the number of accounts increases, the user’s identity is said to spread, scatter, or “sprawl” almost needlessly as a more unified approach would do the opposite by consolidating identity.

Systems that merge or synthesize identity are helpful from a usability and security perspective. Users prefer to manage fewer credentials, and a consequence of identity sprawl is that users recycle passwords across different services leaving enterprises open to credential-stuffing.

Examples of identity systems that fuse identity together are single sign-on (SSO) in the enterprise and social sign-on on Facebook or LinkedIn, so consumers can access other platforms with Facebook’s federated identity capability.

Example:

“My New Year’s resolution is to close all of these useless accounts for online services I no longer use. This identity sprawl is a nuisance and risky since I know there are some embarrassingly simple passwords that I’ve used over and over again.”

hypr_trial_ad
hypr_trial_ad