When Single Sign-On technology is enabled, users are not required to enter their application account credentials to connect to the web interface. Authentication is performed using the domain user account.
It is recommended to use Kerberos authentication because it is the most robust mechanism. NTLM authentication allows hackers to access user passwords by intercepting network traffic.