Problem solve Get help with specific problems with your technologies, process and projects.

Factors to consider before implementing single sign-on

My company is thinking about implementing single sign-on technology. What factors should we consider before doing so?

Single sign-on (SSO) may be a solution for your situation, but it all depends on your circumstances -- specifically security needs and budget.

SSO has its merits and risks. The two main merits are (1) Convenience: Users need only identify/authenticate themselves once to the "primary" domain and not for every platform or application. (2) Security: Because there's only one sign-on, SSO can eliminate the risks inherent in remembering multiple login/password combinations.

The two main risks are (1) Security: If an intruder compromises a user's account or password, that intruder could have extensive and easier access to far more resources. (2) Cost: SSO implementations can be expensive, both in the cost to purchase and in the manpower to deploy.

Two-factor SSO is best, where access is granted based on the double combination of what the user knows (a password or PIN) and what the user possesses (a biometric device, for example).

Take a look at RSA's Keon and v-go from Passlogix.

For more information on this topic, check out these other SearchSecurity.com resources:
Best Web Links: Authentication/Access Control
Best Web Links: Passwords/Authentication
Web Security Tip: SAP Security: Authentication and single sign-on

This was last published in May 2001

Dig Deeper on Single-sign on (SSO) and federated identity

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.