Single sign-on (SSO), is an authentication method that requires a user to only log on once, with a single user ID and password, to multiple applications, systems or Web sites. Prior to single sign-on, a user had to enter both a user ID and password, each usually different, every time they logged on to different applications or systems in the same session. This obviously can be time-consuming, especially in business environments, where time is money yet time is wasted because employees have to keep logging on each time they access a new system from their desktop.
SSO is usually implemented through a separate software authentication module that acts as a gateway to all the applications that require logging on. The module authenticates the user and then does all the heavy lifting -- managing access to the other applications. It acts as a master data store for all the required logon credentials.
An example of an SSO module is Microsoft's Passport, which allows a user to register once and then acts as a gateway to multiple Web sites, each of which normally requires its own logon. There are other commercial SSO modules available, such as Computer Associates' eTrust and there are other modules in Java and PAM for Linux.
While SSO is a great convenience, some see it as a security issue in itself. If the SSO system is compromised, an attacker, in essence, has unlimited access to all applications authenticated by the SSO module.
SSO usually is a big project that needs careful planning before implementation.
Dig Deeper on Single-sign on (SSO) and federated identity
Related Q&A from Joel Dubin
Learn about the purpose of CAPTCHA challenges that enable websites to differentiate bots from authentic users to stop spammers from hijacking forums ... Continue Reading
After a server room door has been compromised, finding a more secure solution is of utmost importance. Learn how to choose a server room door that ... Continue Reading
In the IAM world, what's the difference between access control and identity management. This IAM expert response explains how the two relate as well ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.