I would like to remind you that the PowerShell command Upgrade-SPSingleSignOnDatabase http://technet.microsoft.com/en-us/library/ff608049.aspx only migrates the definitions of the SSO but not the passwords. The official statement regarding to that is described in the following MSDN article.
The Single Sign-On (SSO) service is being replaced with the Secure Store Service in SharePoint Server 2010. You can use Windows PowerShell cmdlets to upgrade application definitions from SSO to the Secure Store Service. Note that passwords are not upgraded. After you upgrade the application definitions, you can make the Secure Store Service the default SSO provider. For more information, see Perform post-upgrade steps for an in-place upgrade (SharePoint Server 2010).
So, everytime a user will enter for the first time on a site he will be prompted to input his credentials and password in order to be stored. (By design, The passwords are not migrated because it would be a SharePoint 2010 security breach)
Even, in the following TechNet article is stating very clear that the PW command is only for migrating the application definition.
Use the Windows PowerShellUpgrade-SPSingleSignOnDatabase cmdlet to migrate the application definitions from the SSO database to the Secure Store database as target applications.
Héctor Calvarro Martín. SharePoint Dev. Microsoft Support Engineer for DEV EMEA