Imagine your day without having to type any passwords...

…and still be securely authenticated to all your desktop, browser and mobile applications. Repeated logins to multiple information systems are not only time-consuming, but also potentially insecure as you have to remember many different passwords and might be tempted to type them down.

With our unique, reliable and lightning-fast single-sign-on solution, you can authenticate just once to your favourite directory (ActiveDirectory, eDirectory or other LDAP) and KeyShield SSO will then handle authentication to your information systems or applications. We support many of them out-of-the-box and for others support can be developed within one work day.

How KeyShield SSO Works

Once you’re authenticated to your favourite directory (eDirectory, Active Directory or LDAP), KeyShield keeps information about your IP address and full name.

When you connect to some information system, your identity is checked by querying KeyShield about your IP address. No further login is required.
Read more

Unique features

KeyShield is faster than other SSO solutions and much faster than the classic authentication methods of portals. The number of users that others can handle in minutes, we are able to handle in seconds. Save the valuable time of your employees, don’t let them wait while they login.
It doesn’t matter whether you access your application through a web browser or whether it is running on your desktop. KeyShield can pass your user identity to the application regardless of that. Because we support many major desktop platforms (Windows, Linux, Mac) and have clients for most major mobile OSes (Android, iOS, Blackberry), it doesn’t matter what kind of device you use.
You can setup KeyShield to authenticate you against your directory – we support eDirectory, Active Directory and OpenLDAP. You can even connect multiple directories and KeyShield will then perform load balancing to distribute queries among them. If you do not have any directory, you can use the embedded directory service of KeyShield.
You can download plugins for many popular applications and systems – for example GWAVA, Filr, Vibe, Drupal, WordPress and many others. See a complete list of available integrations.
Support for other systems can be programmed very easily and efficiently using our RESTful API. We also offer SAML conformity for systems supporting them (like Google Apps or Microsoft Office365). In most cases your programmer should be able to implement KeyShield to your system within one working day.
For an additional measure of security, you can require users to have a hardware card present at a card reader while they login. This two-factor authentication can be switched on only for selected services.
KeyShield can act as a RADIUS Accounting client – we inform active network elements (FortiGate, Cyberoam, SonicWall, SmoothWall, LightSpeed, LiteSpeed, etc.) about the identity of the user. KeyShield can also act as a RADIUS Accounting server – whereas it obtains information about the identity of the user from a firewall or WiFi access point after successful authentication into VPN.
So-called yellow message functionality can deliver prompts to the screens of logged-in users. Such a message is hard to miss and does not go away until the user accepts it. Adressee of the message can be a specific user or a whole subnet. This function is especially suitable for passing information about network maintenance, etc.

Recent News

  • 11th May
    New version released – 6.0.2

    We have released a new version of KeyShield SSO – version 6.0.2. See a list of changes in the changelog.[...]