Hi,
There are many ways to implement SSO for applications which are web based. It seems the main reason for your project sponsors concern is that you have a single point of failure. Generally I find it is better to implement SSO without any single point of failure and then it never goes wrong and nobody will be concerned.
Maybe it is best to illustrate my point by considering other parts of your infrastructure. Do you have a backup network in case your network goes wrong ? Probably not. This is because the network is setup without a single point of failure so if a router dies the network will still work whilst the router is fixed. Similarly, if an Active Directory domain controller breaks, then another will be used instead whilst the broken DC is fixed.
So, perhaps you can re-architect your SSO implementation, and then you won't need to have to implement other methods of logon.
Thanks
Tim