# IT:AD:Patterns:Single Sign On Strategy #



<callout type="Navigation" class="small">

* [[../|(UP)]]
{{indexmenu>.#2|nsort tsort}}


</callout>


## Summary ##

It's simple...you can guarantee that you -- as a general application developer -- know *far* less about security than a hacker that spends his/her day with this subject matter as their only concern. 

Never ever ever ever keep your user's authentication information (username/pwd/contactinfo/challenge) in your applicaition. 

Use Separation of Concerns and use a Single Sign On service: you concentrate on your app, let them concentrate on protecting their database...