RE: Cached Domain Password on Notebook, secure?

From: Jeff Coy (jcoy@email.arizona.edu)
Date: 02/20/02


From: "Jeff Coy" <jcoy@email.arizona.edu>
To: "Toni Heinonen" <Toni.Heinonen@teleware.fi>, "Laura A. Robinson" <larobins@bellatlantic.net>
Date: Wed, 20 Feb 2002 10:56:05 -0700

how about an ibutton? The idea is sound (wear your id) but I don't see many
apps for it.

        http://www.ibutton.com

-----Original Message-----
From: Toni Heinonen [mailto:Toni.Heinonen@teleware.fi]
Sent: Wednesday, February 20, 2002 8:57 AM
To: Olav Seyfarth; Laura A. Robinson
Cc: focus-ms@securityfocus.com
Subject: RE: Cached Domain Password on Notebook, secure?

> So where to put it? SmartCard? USB-KryptoToken?
> Isn't the Problem then to ensure users don't leave these with
> the notebook?

Yes, indeed. I've seen a lot of companies install smartcard-operated doors
so users take their smartcards with them when they leave for lunch,
bathroom, etc. In Windows 2000, you can set the default behavior for smart
card removal (nothing, lock wortstation or log out user) from the local
security settings or of course you can put the setting in AD and propagate
it to the clients from there.

Another good way is to hire a security guard or receptionist that makes sure
everyone is carrying their ID badge, which is integrated to a smartcard.
Most advertisign agencies (!) make custom-made smartcards with company logos
and employee pictures and names.

TONI HEINONEN
        TELEWARE OY
        Telephone +358 (9) 3434 9123 * Fax +358 (9) 3431 321
        Mobile phone +358 40 836 1815
        Kauppakartanonkatu 7, 00930 Helsinki
        toni.heinonen@teleware.fi * www.teleware.fi



Relevant Pages

  • Re: mlock(1)
    ... > worse than no security at all and renders the idea of encrypting swap ... This threat level is why secure systems people use smartcards for the ... send the line "unsubscribe linux-kernel" in ...
    (Linux-Kernel)
  • Re: HELP, Vulnerability in Debit PIN Encryption security, possibly
    ... >> An important advantage of smartcards over magstripe cards ... And yes, there are often common keys in terminals, tamper-resistant. ... smartcard are about as secure overall. ... Smartcards _are_ more secure against certain attacks - but the bad guys ...
    (sci.crypt)