Single Sign On and twofold definitions

I was trying to understand the concept of Two-fold (SSO) , I found these 3 explainations, but I got confused with them :

http://www.sun.com/software/products...tion_sheet.pdf
As the number of networked applications in the enterprise continues to skyrocket, identity proliferation among users remains an important concern. The challenge is two-fold: to enable secure access to dozens of applications without requiring users to have dozens of different logins, and to secure back-end applications without having to change the applications themselves. Having multiple logins inconveniences users, increases administrative costs, and potentially threatens security when users resort to writing down all their passwords because it's impossible to remember them. And having to change applications in order to secure them is costly, difficult, and - when dozens of applications are involved - extremely impractical.


http://www.matu.ac.uk/how_shibboleth_works.html
2- The purpose of a single sign-on system is twofold, to allow the same username to be used for access to many online resources and to allow the user to navigate from one resource to another without having to re-type the username and password.


http://www.informit.com/articles/art...p?p=29599&rl=1
3- Single Sign-On (SSO)-SSO's purpose is twofold. First, it centrally manages a multitude of user accounts that exist across multiple platforms, systems, and applications. Second, it allows the end users to sign on only once for authentication purposes.

In the first explaination why do I need to change the application to secure them ?

In your initial question you says you're trying to understand... Two-Fold? If you're reading those definitions thinking they're for two-fold.. that could be your issue.

As to modifying the apps for SSO, an application has its own proprietary login system. These apps need to be modified to accept the credentials of the SSO software.