Access Keys:
Skip to content (Access Key - 0)

Why do we need to use these certificates? Why can't we just use login and password?

Answer

If MIT had only one web site or only one administrative application, then indeed a login name and password would suffice. However we have many websites at MIT that require "logging in" and we will have more in the future. Each site that requires a different login name and password is another opportunity for a security risk. Certificates provide a way to have "single sign on" where we authenticate once and then can access any site at MIT that accepts certificates for logging in.

There are other ways of obtaining single sign on, however they have their own set of problems/issues. After a certain amount of configuration and education, certificates provide a secure and convenient method of deploying institute wide authentication services.

Certificates are used at MIT today just to provide for web authentication. However the same certificate that you use today for web authentication may in the future be usable for other applications. An interesting potential future application is for secure electronic mail. The technology already exists, but is not yet easy enough to use for IS&T to formally support it.

IS&T Contributions

Documentation and information provided by IS&T staff members


Last Modified:

June 07, 2011

Get Help

Request help
from the Help Desk
Report a security incident
to the Security Team
Labels:
c-certificates c-certificates Delete
certificate certificate Delete
log log Delete
in in Delete
password password Delete
sign sign Delete
on on Delete
authentication authentication Delete
Enter labels to add to this page:
Please wait 
Looking for a label? Just start typing.
Feedback
This product/service is:
Easy to use
Average
Difficult to use

This article is:
Helpful
Inaccurate
Obsolete
Adaptavist Theme Builder (4.2.3) Powered by Atlassian Confluence 3.5.13, the Enterprise Wiki