I’m wondering why organizations are still doing password sync over disparate systems rather than Single Sign On (SSO)?
It seems to me that you’re looking at equal amounts of effort in either case, whether you distribute passwords via Sync or set up an SSO solution. SSO provides a much better degree of security, since even if a password gets hacked, you’re not getting the keys to the kingdom.
What makes this even more worrisome is that, given the way Password Sync works, some systems are easier to hack than others: an attacker simply works on the repository that has the easiest policy. Invariably this is a mainframe or legacy app that won’t accept mixed case, special or numeric characters. Even a long password’s benefits are rendered moot in these circumstances.
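The weakest-repository effect can be measured when auditing a sync group. The following is an added example, not part of the original post; the system names, accepted character classes and length limits are constructed assumptions.

```python
import math
from dataclasses import dataclass

# Printable-ASCII character classes and their sizes.
CLASS_SIZES = {"lower": 26, "upper": 26, "digit": 10, "special": 32}

@dataclass(frozen=True)
class Policy:
    name: str
    classes: frozenset  # character classes the system accepts
    max_len: int        # longest password the system will store

# Constructed sample policies for three systems in one sync group.
POLICIES = [
    Policy("directory", frozenset(CLASS_SIZES), 128),
    Policy("web_app", frozenset({"lower", "upper", "digit"}), 64),
    Policy("legacy_mainframe", frozenset({"upper"}), 8),
]

def effective_policy(policies):
    """A synced password must be accepted everywhere: intersect the rules."""
    classes = frozenset.intersection(*(p.classes for p in policies))
    return Policy("synced", classes, min(p.max_len for p in policies))

def keyspace_bits(policy, length):
    """Upper bound, in bits, on a random password of `length` characters."""
    alphabet = sum(CLASS_SIZES[c] for c in policy.classes)
    if alphabet == 0:
        return 0.0  # no character class is accepted by every system
    return min(length, policy.max_len) * math.log2(alphabet)

def limiting_systems(policies):
    """Names of the systems whose rules define the synced policy."""
    eff = effective_policy(policies)
    return [p.name for p in policies
            if p.classes == eff.classes or p.max_len == eff.max_len]

if __name__ == "__main__":
    synced = effective_policy(POLICIES)
    for p in POLICIES + [synced]:
        print(f"{p.name:17} {keyspace_bits(p, 16):6.1f} bits for a 16-char password")
    print("limiting:", limiting_systems(POLICIES))
```

With these sample values, a 16-character password that the directory alone would allow about 105 bits of keyspace is capped at under 38 bits once it has to be valid on every synced system.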