I’ve been wondering whether it makes sense to try to implement a single sign on system.
I now have 2 bug tracking systems, a wiki, a webmail system and this web log. All of these have different authentication systems.
Maybe we need a common standard in web applications like RSS but for authentication?
Yeah, that would be a great idea – I’ve had thoughts along the same lines. 🙂
I recently bought and installed an xServer for a small non-profit I help out. They have ~25 volunteers and staff who use office computers and ~10 iMacs. We used the Open Directory which was somewhat difficult to set up (difficult for an Apple product anyway). Once up and running it’s great.
Now this uses Kerbos and LDAP for authentication and has the advantage of keeping everyone’s home directory on the server – and that part works very well (I can login on one Mac and then tomorrow login at another Mac and all my files, email and preferences are there).
So as we move forward they have several databases and a few other things I’d like to put on the web server but password protect. I’d love to use the LDAP (and therefore have a single sign on).
The problem with not have a single one is people will do all the bad things – write their PW’s on stickies placed on their monitors… Save all their PW’s in open keychains… Just the same weak PW for everything.