SSO gives users flexibility: they don't have to enter their credentials again and again to access different applications. All of us are happy about that, but this solution has a side effect. For example, suppose you are logged into a system that uses SSO and signs you on to the payroll site. What happens if you sign in to this portal, go for a cup of coffee with your friend, and forget to lock the system? Your neighbour, who is always interested to know how much you are earning, gets a chance to move his chair to your desk and get that information quickly.
This was just an example; there could be multiple secure applications that reside in the enterprise portal and are critical for you. That is the reason organizations are adopting the concept of Reduced Sign On.
Reduced Sign On: This concept handles the above scenario by prompting for another verification step when you try to access critical applications. This extra layer of authentication could be any one of the following:
1) Challenge Question
2) Digital Certificate
3) Hardware Token number
4) Smart Card
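An added example (not from the original post) of the Reduced Sign On check described above: the SSO session alone opens ordinary portal apps, while a critical app such as payroll needs a recent extra verification. The app catalogue, the 300-second freshness window and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Second factors accepted for step-up; names mirror the list above.
STEP_UP_FACTORS = {"challenge_question", "digital_certificate",
                   "hardware_token", "smart_card"}

# Hypothetical portal catalogue: which apps are critical, and how long
# (in seconds, assumed value) a step-up stays valid for them.
APP_POLICY = {
    "news":    {"critical": False},
    "payroll": {"critical": True, "max_step_up_age": 300},
}

@dataclass
class Session:
    user: str
    # app name -> (factor, timestamp) of the last successful step-up
    step_ups: dict = field(default_factory=dict)

def authorize(session, app, now):
    """Decide what an existing SSO session may do when it opens `app`."""
    policy = APP_POLICY.get(app)
    if policy is None:
        return "deny"                      # unknown app: fail closed
    if not policy["critical"]:
        return "allow"                     # plain SSO is enough
    record = session.step_ups.get(app)
    if record is None:
        return "step_up_required"          # never verified for this app
    factor, verified_at = record
    age = now - verified_at
    # Reject stale step-ups and timestamps that lie in the future.
    if factor not in STEP_UP_FACTORS or not 0 <= age <= policy["max_step_up_age"]:
        return "step_up_required"
    return "allow"

def record_step_up(session, app, factor, verified, now):
    """Remember a step-up only if the factor is accepted and it succeeded."""
    if verified and factor in STEP_UP_FACTORS and app in APP_POLICY:
        session.step_ups[app] = (factor, now)
        return True
    return False
```

Because the step-up is stored per application and expires, an unlocked desk with a live SSO session still reaches the news page but gets the extra prompt at payroll.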
Reducing users' sign-on complexity problems requires a balance between user satisfaction and security. If the scale swings too far toward security when trying to prevent a breach, user satisfaction decreases. Similarly, if the scale swings toward user satisfaction, you can compromise IT security.