In practice, the single sign-on system is likely to suffer password attack and replay attack, etc. For the purpose of resolving these problems, a new single sign-on scheme is raised, which is based on dynamic password method. In the new scheme, a specific design is given, and the security of this scheme is analyzed in details. In this scheme, through the universal dynamic password authentication, the user can visit all the services in the visiting range. At the same time, the scheme implements the connect authentication between the client and application servers.