Imagine your day without having to type any passwords...

…and still be securely authenticated to all your desktop, browser and mobile applications. Repeated logins to multiple information systems are not only time-consuming but also potentially insecure as you have to remember many different passwords and might be tempted to type them down.

With our unique, reliable and lightning-fast single-sign-on solution, you can authenticate just once to your favourite directory (ActiveDirectory, eDirectory or other LDAP) and KeyShield SSO will then handle authentication to your information systems or applications. We support many of them out-of-the-box and for others support can be developed within one work day.

How KeyShield SSO Works

Once you’re authenticated to your favourite directory (eDirectory, Active Directory or LDAP), KeyShield keeps information about your IP address and full name.

When you connect to an information system, it checks your identity by querying KeyShield with your IP address. No further login is required. Read more

Unique features

KeyShield is faster than other SSO solutions and much faster than the classic authentication methods used by portals. The number of users that other systems can handle in minutes, we are able to handle in seconds. Save the valuable time of your employees – don’t let them wait while they log in.
It doesn’t matter whether you access your application through a web browser or whether it is running on your desktop, KeyShield can pass your user identity to the application regardless. Because we support many major desktop platforms (Windows, Linux and Mac) and have clients for most major mobile operating systems (Android, iOS and Blackberry), it doesn’t matter what kind of device you use.
You can set up KeyShield to authenticate you against your directory – we support eDirectory, Active Directory and OpenLDAP. You can even connect multiple directories and KeyShield will then perform load balancing to distribute queries among them. If you do not have any directory, you can use KeyShield’s embedded directory service.
You can download plugins for many popular applications and systems, for example, GWAVA, Filr, Vibe, Drupal, WordPress and many others. Here’s a complete list of available integrations.
Support for other systems can be programmed very easily and efficiently using our RESTful API. We also offer SAML conformity for systems supporting it (like Google Apps or Microsoft Office 365). In most cases, your programmer should be able to implement KeyShield for your system within one working day.
For an additional layer of security, you can require users to place a hardware card into a card reader while they log in. This two-factor authentication can be switched on for selected services.
KeyShield can act as a RADIUS Accounting client – we inform active network elements (FortiGate, Cyberoam, SonicWall, SmoothWall, LightSpeed, LiteSpeed, etc.) about the identity of the user. KeyShield can also act as a RADIUS Accounting server – in which it obtains information about the identity of the user from a firewall or Wi-Fi access point after successful authentication into a VPN.
So-called yellow message functionality can deliver prompts to the screens of logged-in users. Such a message is hard to miss and does not go away until the user accepts it. The addressee of the message can be a specific user or a whole subnet. This function is especially suitable for sending information about network maintenance, etc.

Recent News

  • 15th Sep
    Version 6.1 (beta4) is available

    You can try the newest beta version of KeyShield SSO – version 6.1 (beta4) is available for download. See a[...]

  • 05th Sep
    GWAVACon EMEA 2015

    We would like to invite you to a two-day IT conference GWAVACon 2015 taking place on 22-23 September 2015 in[...]

  • 11th May
    New version released – 6.0.2

    We have released a new version of KeyShield SSO – version 6.0.2. See a list of changes in the changelog.[...]