Ask the Expert

Factors to consider before implementing single sign-on

My company is thinking about implementing single sign-on technology. What factors should we consider before doing so?

    Requires Free Membership to View

Single sign-on (SSO) may be a solution for your situation, but it all depends on your circumstances -- specifically security needs and budget.

SSO has its merits and risks. The two main merits are (1) Convenience: Users need only identify/authenticate themselves once to the "primary" domain and not for every platform or application. (2) Security: Because there's only one sign-on, SSO can eliminate the risks inherent in remembering multiple login/password combinations.

The two main risks are (1) Security: If an intruder compromises a user's account or password, that intruder could have extensive and easier access to far more resources. (2) Cost: SSO implementations can be expensive, both in the cost to purchase and in the manpower to deploy.

Two-factor SSO is best, where access is granted based on the double combination of what the user knows (a password or PIN) and what the user possesses (a biometric device, for example).

Take a look at RSA's Keon and v-go from Passlogix.


For more information on this topic, check out these other SearchSecurity.com resources:
Best Web Links: Authentication/Access Control
Best Web Links: Passwords/Authentication
Web Security Tip: SAP Security: Authentication and single sign-on

This was first published in May 2001

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: