How does Cornerstone handle user authentication and access?

Cornerstone utilizes role-based access controls and single sign-on capabilities to manage user authentication and access effectively. Role-based access control allows administrators to assign specific permissions to users based on their roles within the organization. This approach ensures that individuals have access only to the information and functionalities necessary for their job, enhancing security and streamlining user management.

Moreover, single sign-on capabilities enable users to log in once and gain access to multiple applications without needing to re-enter their credentials. This not only improves user experience by reducing the number of passwords they need to remember but also enhances security, as it minimizes the chances of password fatigue leading to insecure practices.

The other options presented do not offer a comprehensive approach to user authentication and access. Requiring email verification is often a standard practice for account creation and does not specifically address user access management. Two-factor authentication adds an additional layer of security but is not the sole mechanism for managing access. Finally, using a centralized username and password for all employees can create vulnerabilities and is not practical for modern access management, where individualized roles and permissions are essential.