RE: Cached Domain Password on Notebook, secure?

From: Jeff Coy (
Date: 02/20/02

From: "Jeff Coy" <>
To: "Toni Heinonen" <>, "Laura A. Robinson" <>
Date: Wed, 20 Feb 2002 10:56:05 -0700

how about an ibutton? The idea is sound (wear your id) but I don't see many
apps for it.

-----Original Message-----
From: Toni Heinonen []
Sent: Wednesday, February 20, 2002 8:57 AM
To: Olav Seyfarth; Laura A. Robinson
Subject: RE: Cached Domain Password on Notebook, secure?

> So where to put it? SmartCard? USB-KryptoToken?
> Isn't the Problem then to ensure users don't leave these with
> the notebook?

Yes, indeed. I've seen a lot of companies install smartcard-operated doors
so users take their smartcards with them when they leave for lunch,
bathroom, etc. In Windows 2000, you can set the default behavior for smart
card removal (nothing, lock wortstation or log out user) from the local
security settings or of course you can put the setting in AD and propagate
it to the clients from there.

Another good way is to hire a security guard or receptionist that makes sure
everyone is carrying their ID badge, which is integrated to a smartcard.
Most advertisign agencies (!) make custom-made smartcards with company logos
and employee pictures and names.

        Telephone +358 (9) 3434 9123 * Fax +358 (9) 3431 321
        Mobile phone +358 40 836 1815
        Kauppakartanonkatu 7, 00930 Helsinki *