RE: cached passwords
From: Free, Bob (RWF4@pge.com)Date: 07/25/01
- Previous message: Rich Wilson: "Re: Microsoft SMTP Service"
- Maybe in reply to: tbos1@sears.com: "cached passwords"
- Next in thread: Bronek Kozicki: "Re: cached passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <2DBFCBE6D1DAD11191E300805F577D1202C10D8B@exchange104.comp.pge.com> From: "Free, Bob" <RWF4@pge.com> To: "'tbos1@sears.com'" <tbos1@sears.com>, focus-ms@securityfocus.com Subject: RE: cached passwords Date: Wed, 25 Jul 2001 14:59:10 -0700
NT will by default cache the last ten logins' credentials. There is a
registry setting to alter this behaviour.
Cached security credentials, including passwords, are stored and encrypted
in the
registry and protected by an access control list (ACL). RAS uses Local
Security
Authority (LSA) Secrets to store the entries. The default ACL values only
allow
administrators and the user associated with the credentials to gain access
to
these registry entries
Bob Free
Sr. Network Specialist
ISTS/ITUSS/DC/System Server Support
PG&E Auburn, Ca
-----Original Message-----
From: tbos1@sears.com [mailto:tbos1@sears.com]
Sent: Wednesday, July 25, 2001 1:47 PM
To: focus-ms@securityfocus.com
Subject: cached passwords
When a users logs into a NT machine, I was under the impression that the
user profile is cached locally. If this is the case, the password must
also be stored locally somewhere besides the SAM database. Can anyone
confirm this and know if there is a way to secure this (providing there is
a way to access the password).
- Previous message: Rich Wilson: "Re: Microsoft SMTP Service"
- Maybe in reply to: tbos1@sears.com: "cached passwords"
- Next in thread: Bronek Kozicki: "Re: cached passwords"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
