Password resets are more or less the bane of the help desk agent’s existence. Carrying that through logically, they also represent a significant expense for the organization to pay for the lost productivity of the employees and the time and effort of the help desk agent to get the issue resolved. So, many organizations seek single sign-on (SSO) solutions to minimize the number of usernames and passwords that users have to keep track of and hopefully reduce the amount of help desk calls.
This article that I wrote for the Midmarket Security Strategies and Tactics site at TechTarget examines a couple of ways to achieve SSO using protocols and technologies already built in to Windows. On the network server side, you can use Kerberos to achieve SSO, while users can make use of the Credential Manager feature in Windows XP and Windows Vista (and Windows 7) to store passwords and create their own SSO. Read How to use Kerberos and Credential Manager for Windows single sign-on to learn more.