I’ve been talking to a customer in the midst of a large rollout of Citrix Password Manager and heard some interesting items.  This is a very positive Citrix customer, but they don’t want users aware of CPM

 Now, being software developers, we just assumed everyone would want to be aware of our cool SSO application.  But this customer, and apparently others, want their SSO solution to be transparent to users.

Why?  They have high turnover and their end users are unsophisticated from an IT perspective.  Their users have limited patience and get frustrated if they feel like they are getting slowed down.  So, even though CPM is saving them time and increasing security, the IT folks want CPM to be “invisible” so that users don’t get the wrong perception (i.e., while CPM is launching they get irritated.)

We’ve already made some changes to the product to address this, but this customer experience convinces me we need to do more.

Another tidbit: training their new workers to use SSO is more easier than training established employees who already have bad habits like writing down their passwords, guessing a good bit, and getting locked out a good bit.