Single sign-on (SSO), is an authentication method that requires a user to only log on once, with a single user...
ID and password, to multiple applications, systems or Web sites. Prior to single sign-on, a user had to enter both a user ID and password, each usually different, every time they logged on to different applications or systems in the same session. This obviously can be time-consuming, especially in business environments, where time is money yet time is wasted because employees have to keep logging on each time they access a new system from their desktop.
SSO is usually implemented through a separate software authentication module that acts as a gateway to all the applications that require logging on. The module authenticates the user and then does all the heavy lifting -- managing access to the other applications. It acts as a master data store for all the required logon credentials.
An example of an SSO module is Microsoft's Passport, which allows a user to register once and then acts as a gateway to multiple Web sites, each of which normally requires its own logon. There are other commercial SSO modules available, such as Computer Associates' eTrust and there are other modules in Java and PAM for Linux.
While SSO is a great convenience, some see it as a security issue in itself. If the SSO system is compromised, an attacker, in essence, has unlimited access to all applications authenticated by the SSO module.
SSO usually is a big project that needs careful planning before implementation.
Related Q&A from Joel Dubin, past SearchSecurity.com expert
The security of RFID chips and smart cards may not be fully mature, but there are best practices to keep facilities safe. Identity and access ...continue reading
Picture passwords for mobile device security aren't a new idea, but they have been recently improved. Identity and access management expert Joel ...continue reading
Hacked smart cards are a large potential threat to enterprises that utilize them. Learn how to thwart smart card hackers.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.