RE: Webmail authentication

[Paul Carroll <PaulC () CLC PITT EDU>]

To All,
Here is M$'s registry reference.
 
http://support.microsoft.com/default.aspx?scid=KB;en-us;q229940

Paul J Carroll
Technical Manager
University of Pittsburgh
Computer Learning Center

-----Original Message-----
From: Brian Bruns
To: David Brown; 'Security Basics' (E-mail)
Sent: 12/19/02 1:08 PM
Subject: Re: Webmail authentication

At 12:28 PM 12/18/02 -0800, David Brown wrote:
> My company is working on a webmail implementation, which requires that
the
user >authenticate to an NT domain.  Regardless of the authentication
method, there is >always an option in the login dialog to 'Save this
password in your password >list', which seems to be browser driven.  I
don't want my user population saving >their passwords to various
computers
all over the world.  Does anyone have a >clue how to remove or disable
this
option?

Have the login actually occour on the page and not via the popup would
be
the easiest.  IIRC, Squirrel mail had come up with a method to prevent
password saving by changing the username and password box on the login
screen to different  name values.

I'll look it up though and post a follow up...



--------------------------------
Brian Bruns
Founder, The Summit Open Source Development Group
Open Solutions For A Closed World / Anti-Spam Resources
http://www.2mbit.com
ICQ: 8077511

No spam tolerated.  By sending an e-mail to this account, your
server may be subjected to an open relay/open proxy test as part
of our ongoing efforts to reduce spam.