Single sign on (SSO) mechanisms authenticate subjects once in a single place and provide unrestricted access to multiple networks and systems (based on the users rights and permissions) thereafter. Once authenticated on an SSO system, users may freely utilize broader network resources without repeatedly authenticating across system and network boundaries. SSO is a double-edged sword: it provides unrestricted access for both legitimate users and also malefactors who manage to jump the system’s authentication hurdles.

The term enterprise reduced sign on (RSO) refers to the same process, with the distinction that SSO is impractical without a homogenous IT infrastructure. SSO is a visible benefit wherever a single-entity authentication scheme exists or where centralized user databases are in ubiquitous use.

All information processing systems can leverage a single database or central repository for account sign on and user identity information for organized-wide authorization and access purposes. RSO lowers the bar somewhat, but requires multiple authentication systems to exchange data correctly and transparently in the background.