We Need Identity Brokers

Still, once SAML is standardized, authentication will be much more secure than the status quo. And standardization is pretty much a foregone conclusion. Plenty of service providers already use pre-standardized versions of SAML, and such heavy hitters as Salesforce.com, Cisco and Google all back it.

Standards like SAML will enable new services to design authentication schemes with these new mechanisms in mind. Already, plenty of B2B cloud authentication service providers handle SSO as a service for everything from on-premises applications to cloud and even mobile ones. These providers then act as identity providers (IdPs). The list of vendors is long, and each has a different approach, including Okta, PhoneFactor, Ping, SecureAuth and Symplified. And it's not just startups in this game, with CA, HP, Juniper, RSA and other major security players involved as well.

To handle its sprawling identity challenge, Netflix turned to , which provides cloud-based SSO services. OneLogin ties into Netflix's Active Directory, so its employees no longer have to worry about multiple passwords for multiple services.

"Most passwords are stolen through phishing attacks, but if you no longer have to enter a password, you can't be tricked by a fake login page," Kail says.