Pros and Cons of Single Sign On, and Kerberos and Its Mitigating Vulnerabilities

963 Words4 Pages
Pros and Cons of Single Sign On In single sign on, the user registers and authenticates with one site and uses those credentials for identity with other sites (Pros and Cons to Single Sign In, 2009). For the user, it lowers the barriers to participation of registering with sites without trusting them first and reduces the number of credentials with having to remember all the usernames and passwords, making it convenient. The downside for the user is if that one password is lost or forgotten, the user would have to start over rebuilding and online identity, which can be time consuming (Chng, 2008). Single sign on is also highly susceptible to phishing attacks. Enterprises that use single sign on may receive more traffic to their websites by using third party vendors, but there are things that need to be considered. The site does not see the user credentials with single sign on. They have to trust the third party site. Without seeing the user email, the enterprise cannot leverage the registrations against revenue streams of selling mailing lists to spam companies. The dependence on a third party vendor is without a legal binding agreement, so if the third party shuts down, the enterprise can lose part of the user base overnight. If the enterprise wishes to send email advertisements to the users, they could not do that with single sign on because of not having access to the emails. With most enterprises being a result of mergers with divergent systems, this could present

    More about Pros and Cons of Single Sign On, and Kerberos and Its Mitigating Vulnerabilities

      Open Document