The Kerberos Authentication System for Single Sign-On (SSO)

When working with authentication protocols the technique commonly used in the past was known as authentication by assertion. In this scheme a user logs in to their machine which authenticates their request to a remote server. Once the authentication is completed the user can further communicate with other services. This provides a very low level of security, which has led to numerous vulnerabilities in the early versions of the rlogin Unix login utility.

An alternative, but rather tedious solution is for the user to repeatedly provide their password each time they wish to use a service. However, this requires the user to send their password over the network in plain text, which can be intercepted by a third-party user and …