OpenID

OpenID is an open, decentralized standard for user authentication and access control, allowing users to log onto many services with the same digital identity. As such, it replaces the common login process that uses a login-name and a password, by allowing a user to log in once and gain access to the resources of multiple software systems.

An OpenID is in the form of a unique URL, and is authenticated by the user's 'OpenID provider' (that is, the entity hosting their OpenID URL). The OpenID protocol does not rely on a central authority to authenticate a user's identity. Since neither the OpenID protocol nor Web sites requiring identification may mandate a specific type of authentication, non-standard forms of authentication can be used, such as smart cards, biometrics, or ordinary passwords.

Installing an OpenID Server on Dreamhost

 * http://www.plaxo.com/api/openid_recipe
 * http://www.shokk.com/blog/articles/2009/01/25/hosting-your-own-openid/ dead link 22-April-2010
 * http://wiki.openid.net/Libraries

Alternatives
Client side public key certificates can also enable single sign on. Relying parties just have to be introduced to the certificate, or to its signer.

(It would even be possible to generate temporary public keys using a password as seed. This avoids the need to store the certificate.)