In large enterprises and organizations, employees require to interact with multiple applications and access sensitive information. Each application has its authentication methods. Users need to manage different user names and passwords for each application, which is inconvenient and difficult.
A solution is needed to help users avoid remembering numerous passwords while simultaneously providing users access to the required sensitive data without compromising the security.
SecureLogin is a single sign-on (SSO) product that provides this kind of ease for password management. SecureLogin utilities and components enable SSO for Windows, web, Java, and terminal emulator applications.
In addition to username and password authentication, it supports multi-factor authentication, such as smart card, token, or biometric authentication at the network and application levels.
It also supports SSO and multi-factor authentication to enterprise workstations and applications from Azure Active Directory. The SecureLogin Advanced Edition component serves this purpose. This feature extends advanced capabilities such as public cloud adoption, hybrid deployments, and multi endpoint support. For more information, see SecureLogin 9 Advanced Edition Installation and Configuration Guide.
SecureLogin has the following features:
Includes wizards, directory console plug-in, and tools which make it easy to centrally configure for use on the corporate network.
Includes management utilities that allows the administrators and end-users to view their SSO details and, if permitted, enable SSO applications.
Eliminates the requirement for users to remember multiple user names and passwords beyond their initial login. It stores user names and passwords and automatically specifies them for users when required. Users do not need to remember and manually provide their credentials to log in to an application.
Quickly retrieves and specifies user credentials, which results in faster login.
Helps reduce Help Desk calls for locked accounts and forgotten user names and passwords.
Makes use of multiple integrated security systems that provide authentication and SSO to networks and applications.
It provides a single entry point to the corporate network and its user resources, which increases security and enhances compliance with corporate security policies.
Stores and encrypts user credentials in the directory: eDirectory, Active Directory, or other LDAP-compliant directories. It optionally caches them in an encrypted format on the local workstation.
With this level of encryption, no one can view a user’s credentials. If required, an administrator can set a new password under some circumstances, such as disaster recovery, but cannot view the existing password.
Client Login Extension provides password recovery for network login credentials. The password recovery support through Client Login Extension tool is also available for locked workstations and for workstations in which user operations are controlled by Desktop Automation Services (DAS).
Provides fault tolerance by using the following methods:
Local encrypted caching: To ensure that the network downtime does not affect SSO performance. If the corporate network is down, caching enables application logins to continue uninterrupted.
Application definitions: To cater to different login conditions and errors during the login.
It maintains SSO integrity for all mobile and remote users by locally encrypting the cache regardless of the network connectivity. If permitted, mobile users can update their SSO credentials when they are disconnected from the network and update the directory with these details when they attach later.
SecureLogin is a directory-enabled product and enables users to perform the following actions:
Log in from anywhere and get capabilities as if they were working from their own desks.
Log in and log out quickly because they authenticate only to the directory, and not to Windows.
Roam the enterprise and log in to different machines during the day.
Work on a laptop in a disconnected mode because their login credentials are saved to a local, encrypted cache.
Use a shared, kiosk-type workstation securely where many people log in temporarily for quick work, then log out.