A single sign-on technique suitable for a network of devices with no centralized device or synchronized clocks such as a personal area network (PAN) is described. Responsive to a user signing-on to a first device via its user interface, the first device securely propagates authentication of the user for enabling one or more other devices in the network, each for a near-expiry time period measured from the device specific time of the respective device; thus providing for expiration of authentication to minimize how long data is vulnerable in case a device is lost or stolen. Described also is a device enabling protocol using authentication accumulation to secure against threats from a rogue device pretending to be another device in the network such as in man-in-the-middle and replay attacks.