Security Basics: RE: Cached Password concern

From: Sean McMahon <smcmahon_at_netspace.net.au>
Date: Tue, 2 Dec 2003 19:08:25 +1100

Set the cached logons to 1 in Group Policy .
This will allow for the current user to logon with cached credentials.

-----Original Message-----
From: Blake Wiedman [Icons] [mailto:bwiedman_at_iconsinc.com]
Sent: Tuesday, 2 December 2003 4:48 AM
To: 'sunny budd'; security-basics_at_securityfocus.com
Subject: RE: Cached Password concern

Syskey is able to be broken. Perform a search on SAMInside.

Blake Wiedman
Icons Inc.
Security Technician
(732) 821-9100 x103

-----Original Message-----
From: sunny budd [mailto:sunnybudd_at_hotmail.com]
Sent: Monday, December 01, 2003 5:56 AM
To: security-basics_at_securityfocus.com
Subject: Cached Password concern

Hi all

I am working on a laptop users security policy and I have a concern
about
cached domain user credentials in Windows 2000 SP4 as We use our domain
admin password to logon to laptops while they are being built. I would
like
to recommend against this practice but need some information on how easy
it
is to extract this stuff from a stolen laptop. I have heard that these
passwords are protected by "syskey" and are impossible to extract. Is
this
true or does anyone know how to get at these passwords?

Thanks,
S

_________________________________________________________________
Find a cheaper internet access deal - choose one to suit you.
http://www.msn.co.uk/internetaccess

------------------------------------------------------------------------

---
------------------------------------------------------------------------
----
------------------------------------------------------------------------
---
------------------------------------------------------------------------
----
---------------------------------------------------------------------------
----------------------------------------------------------------------------

Received on Dec 02 2003