Single sign-on seems like a good solution to simplify password management for end users, but Executive Editor A. Russell Jones says it's not SSO smart after all.
by A. Russell Jones
July 13, 2004
How many times have you left your computer without locking it down? Sure, some people have a screensaver that locks the computer automatically after some elapsed period; most people set it to 20 minutes or more because shorter durations are irritating. I'm sure most developers are conscientious about security, but many, perhaps most, end users never lock their computers at all, which means that anyone can walk up to their computer while they're away, access everything they've logged into, and then restore the desktop state, all without the computer owner, or the network administrator, being any the wiser.
I'll Just Write That Password Down...
Physical access to a computer has always been a security concern, particularly when the primary users of those computers have username/password access to sensitive applications. But what is fairly new is the idea that you can use a single sign-on, usually your primary network account login, to gain access to those sensitive applications. Single sign-on relieves the burden of having to remember multiple username/password combinations by associating a primary account with various other applications. By giving users single sign-on capability, you save them from remembering multiple logins and reduce the administrative burden of resetting passwords, forcing users to change passwords, and maintaining multiple authentication lists.