All the latest UK technology news, reviews and analysis

Single sign-on passwords pose security threat

by Matt Chapman

31 May 2006

Be the first to comment

  • Tweet this
Companies are running a huge security risk by not encrypting passwords for systems that use a single sign-on
Only a tenth of organisations using enterprise single sign-on combine the system with strong authentication

Companies are running a huge security risk by not encrypting passwords for systems that use a single sign-on, a security vendor has claimed.

Research from RSA Security shows that companies are attracted to the ease of enterprise single sign-on technology because it reduces the number of helpdesk calls. 

Further reading

However, RSA raised concerns that only 11 per cent of organisations using enterprise single sign-on combine the system with strong authentication.

"Password resets continue to demand considerable IT resources which are purely a cost centre for UK businesses," said Tim Pickard, a spokesman at RSA. "However, businesses also need to be mindful of the security implications."

RSA claimed that the trend will only get worse, as 40 per cent of those surveyed plan to implement enterprise single sign-on within the next two years, but only a quarter plan to use it in conjunction with strong authentication.

"When implementing this technology, companies need to ensure that strong authentication is in place to verify who the user is without the fear of compromise," said Pickard.

RSA's research found that the most common strong authentication technology is time-synchronised hardware tokens, followed by smart cards.

Research from analyst group Gartner claims that up to 30 per cent of all helpdesk requests are to ask for lost passwords, costing businesses up to $1.5m every year. 

Do you agree?

Add your comment
 

Add your comment

We won't publish your address
By submitting a comment you agree to abide by our Terms & Conditions. Your comment will be moderated before publication.
Submit your comment

Latest stories from Security

US President Barack Obama

US identified as Stuxnet perpetrator with Obama's backing

Related white papers

Related videos

Related articles

Related jobs

Today's top stories

Olympics

Top 10 steps businesses can take to prepare for the Olympics

amazon-kindle-touch-e-book-reader

Amazon Kindle Touch review

London Underground train going into tunnel

Virgin reveals 82 London Underground stations to receive Wi-Fi

Poll

Flame virus poll

Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?

35%

0%

11%

54%

Features

V3's Madeline Bennett

It's time to change tax system to bring technology manufacturing back to the UK

The V3 hotseat

The V3 Hot Seat: Imperva CTO and co-founder Amichai Shulman

Flame in monitor screen

Quick guide to Flame malware attack

cookies

Quick guide to cookie law compliance

More features

Connect with V3.co.uk

Sign up to our daily or weekly newsletters

Case studies and reports

Symanteccloud

Social networking: a guide for IT managers

Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them

Riverbed

Mitigating the risks of IT change

The importance of understanding your infrastructure

Technology jobs

Business Readiness/ Change manager

As part of a major implementation of a new inventory...

Information/Data Architect - MDM - SOA

Information/Data Architect - MDM - Master Data Management...

Softwaren Developer - .Net/SQL Server

Code Red Associates (CRA) is a leading supplier of Permanent...

Senior Test Analyst, Quality Assurance, QA, To £47,000 + Benefits

A fantastic opportunity has arisen for an experienced...

To send to more than one email address, simply separate each address with a comma.