Among system administrators, users are generally considered the weakest link in the security chain. One of the biggest concerns is how users create and remember passwords. To try to ensure the security of their systems, administrators will generally create policies regarding how complex a user's password must be, and will exhort the user never to write down, share, or reuse that password. On the surface, this seems like good security sense, and from an administrator's perspective, it is. However, to the user, who may have dozens of unique accounts, stringent policies create a significant cognitive burden. As a result, users generally resort to ad hoc solutions to remember passwords, such as making them as simple as possible, writing them down, or reusing them. Administrators react by changing policies to make passwords even longer and more complex, and a vicious circle is created. An alternative is to make use of Identity Federation (IF) systems. These systems allow end users to authenticate using a single password, thereby reducing the overall cognitive burden. This work will discuss the different technologies currently in use, and examine whether these systems can provide adequate security while improving overall usability.
Library of Congress Subject Headings
Computers--Access control--Passwords; Computer networks--Security measures
Waters, Samuel, "Web-based single sign-on: an examination of security and usability" (2012). Thesis. Rochester Institute of Technology. Accessed from
RIT – Main Campus