I had SecureLogin installed on my workstation today and it doesnât seem to work as I understand it should. SSO implies the use of one password to access everything.
When the PC booted up first thing in the morning, I logged onto ADS using my ADS/network password. I then ran my SSO enabled applications and entered my ADS/network username and password to logon.
SecureLogin advised me logon to the application failed and that I must enter my usernames and passwords as they were ""yesterday"". i.e. for e-mail I am instructed to enter the same e-mail password I used before SSO was installed, but I thought SSO meant I enter my ADS password for everything. I am confused!
A common misconception of SecureLogin is that it does Password Synchronization and makes all your passwords the same so whenever you are prompted, you must enter your network password.
To cut a long story short, SecureLogin doesnât perform password synchronization for the following reasons:
- it would be a political nightmare getting all your application owners to agree on a policy suitable for all applications (and that could be enforced by all);
- a security nightmare having all systems (including weak ones) having the same password (someone could crack your password to your calendar and using it to transfer money in the finance system); and
- a support nightmare upgrading, maintaining and troubleshooting the system.
With SecureLogin, users need only remember one password; the password they logon to the network with, which is typically the most secure. SecureLogin then remembers all the userâs different usernames and passwords to access applications and resources.
From the userâs point of view, they only need to remember their ADS/network password while SecureLogin manages all the different application password policies and requirements and retrieves and enters them as required.
Note: SecureLogin can do virtual password synchronization so the user enters their ADS/network password for all applications and SecureLogin enters the application password in the background. SecureLogin can also perform biometric (e.g. fingerprint), smartcard and token logon to the network and/or applications using SecureLogin Advanced Authentication.