We are awash in passwords, and as the number of Web services increases, things are only going to get worse. Trying to manage all these individual passwords is a major problem for enterprise security. Many end users cope by re-using their passwords, which exposes all sorts of security holes.
One solution is a single sign-on (SSO) tool that automates logins to enterprise applications and strengthens password complexity, without forcing end users to remember dozens of different logins.
SSO isn't new: various products have been available for more than a decade. What is new is that several products now combine cloud-based SaaS logins with local desktop Windows logins, and add improved two-factor authentication and smoother federated identity integration.
Also helping is wider adoption of the open standard Security Assertion Markup Language (SAML), which allows for automated sign-ons by exchanging XML information between websites.
The SSO market includes more than a dozen products from boutique shops to large software vendors. We tested eight products: SecureAuth, OneLogin, Okta, Symplified, Intel's McAfee Cloud Identity Manager, Numina Application Framework, SmartSignin and Radiant Logic. Several other SSO vendors were contacted but decided not to participate, including IBM, CA, Oracle and Ping Identity.