That's a very valid point. It's pretty simple.
The site owner will have all users information stored in his own site database. The site owner can disable SSO client on the site, and ask users to reset the password to login to the site. So, the user can directly login to the site with the new password, w/o being redirected to publicityport.com.