This document summarizes a security analysis of a single sign-on mechanism for distributed computer networks. The analysis identifies two impersonation attacks against an existing single sign-on scheme proposed by Chang and Lee. The first attack allows a malicious service provider to recover a user's credential after communicating with the user twice, and then to impersonate that user. The second allows an outsider without credentials to freely access network services by impersonating legal or nonexistent users. The analysis also explains flaws in the original security arguments and proposes an improvement that uses efficient verifiable encryption of RSA signatures.