In complex computing environments, passwords are often the source of frustration, wasted time and unnecessary expense. Users regularly access about eight to ten different systems. This frustrates users by requiring them to remember too many passwords, having multiple password prompts and the chore of resetting their passwords when they forget them. For example, employees in companies using IBM Lotus applications typically have numerous password prompts. Passwords are needed to access Microsoft Windows® as well as Domino HTTP sessions such as Lotus Domino® Web Access (“iNotes®”), Sametime®, QuickPlace®, and Domino Web applications. Users are often so afraid they will not be able to get back in or utilize a service in the future, they leave the figurative key in the door, with weak passwords like “password” or sticky notes posted all over their cubicles. With the increase in remote access and demand for greater resource access by members, security issues are becoming a greater concern and bigger challenge. Dictionary attacks, hacking and other vulnerabilities caused by poor password quality are putting sensitive information and/or resources at risk.
Frequently, companies implement an authentication solution that provides a secure and comprehensive security solution. One such solution is a Kerberos network authentication protocol. Kerberos is a network authentication system that has been publicly available since introduced by the Massachusetts Institute of Technology (MIT) in 1989. Kerberos has become a popular authentication mechanism in Microsoft Windows® and Active Directory, making it widely employed in the operating system market utilizing the operating system Microsoft Windows®. Because of its openness, Kerberos can be utilized to create single sign-on network environments, allowing end-users to employ one set of credentials to access all services, regardless of platform or operating system.
However, many services or applications may still require their own independent security measures, which may still require the user to provide identification and password independent of the platform or operating system. This may still result in multiple passwords and user identification maintenance, which again may lead to frustration, wasted time and unnecessary expense. Many of these services or applications may include an architecture specific to the security measures of the service or application, which prevent integration or compromise the effectiveness of another authentication solution.