At present, Internet users authenticate themselves using credentials to access different registered web services. These credentials are vulnerable to security threats in presence of active attackers. This imposes a burden on users to manage their credentials in different ways. This paper outlines a Single Sign-On model that defines user authentication and authorization scheme which makes the system secure against various attacks. There are various authentication schemes proposed that were based on like Kerberos and X.509. It may be difficult to utilize these schemes to modify legacy applications in which only password based authentication can be used. This paper proposes a solution based on Single Sign-On in which the system transmits a userpsilas password securely over the network. The model uses the concept of AAA (Authentication, Authorization, and Accounting) and a credential management scheme where the user has to authenticate itself only once.