Security Basics mailing list archives
RE: Cached Password concern
From: "dave kleiman" <dave () isecureu com>
Date: Mon, 1 Dec 2003 18:26:22 -0500
Sunny, What are your options? Do you have the budget to buy software to protect the laptops (DriveCrypt etc.)? Are you forced to allow cached domain accounts on the laptop? Are you just looking for the best way (without other software) to protect the credentials or the Data or Both? _______________________________ Dave Kleiman, CISSP, MCSE, CIFI dave () isecureu com www.SecurityBreachResponse.com "High achievement always takes place in the framework of high expectation." Jack Kinder -----Original Message----- From: sunny budd [mailto:sunnybudd () hotmail com] Sent: Monday, December 01, 2003 05:56 To: security-basics () securityfocus com Subject: Cached Password concern Hi all I am working on a laptop users security policy and I have a concern about cached domain user credentials in Windows 2000 SP4 as We use our domain admin password to logon to laptops while they are being built. I would like to recommend against this practice but need some information on how easy it is to extract this stuff from a stolen laptop. I have heard that these passwords are protected by "syskey" and are impossible to extract. Is this true or does anyone know how to get at these passwords? --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Cached Password concern sunny budd (Dec 01)
- RE: Cached Password concern Blake Wiedman [Icons] (Dec 01)
- RE: Cached Password concern Sean McMahon (Dec 02)
- RE: Cached Password concern dave kleiman (Dec 01)
- RE: Cached Password concern Zachary Mutrux (Dec 02)
- <Possible follow-ups>
- RE: Cached Password concern sunny budd (Dec 02)
- RE: Cached Password concern Blake Wiedman [Icons] (Dec 01)