EL PASSO is an efficient and lightweight privacy-preserving single sign-on system. It uses non-interactive zero-knowledge proofs and Pointcheval-Sanders signatures to allow a user to anonymously prove credentials and selectively disclose attributes to different services without revealing their long-term secret or allowing the services to link their activities. The system employs threshold encryption to allow misbehaving users to be reported while preserving their anonymity from the identity provider.