Security Basics mailing list archives
RE: Cached Password concern
From: "Blake Wiedman [Icons]" <bwiedman () iconsinc com>
Date: Mon, 1 Dec 2003 12:47:50 -0500
Syskey is able to be broken. Perform a search on SAMInside. Blake Wiedman Icons Inc. Security Technician (732) 821-9100 x103 -----Original Message----- From: sunny budd [mailto:sunnybudd () hotmail com] Sent: Monday, December 01, 2003 5:56 AM To: security-basics () securityfocus com Subject: Cached Password concern Hi all I am working on a laptop users security policy and I have a concern about cached domain user credentials in Windows 2000 SP4 as We use our domain admin password to logon to laptops while they are being built. I would like to recommend against this practice but need some information on how easy it is to extract this stuff from a stolen laptop. I have heard that these passwords are protected by "syskey" and are impossible to extract. Is this true or does anyone know how to get at these passwords? Thanks, S _________________________________________________________________ Find a cheaper internet access deal - choose one to suit you. http://www.msn.co.uk/internetaccess ------------------------------------------------------------------------ --- ------------------------------------------------------------------------ ---- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- Cached Password concern sunny budd (Dec 01)
- RE: Cached Password concern Blake Wiedman [Icons] (Dec 01)
- RE: Cached Password concern Sean McMahon (Dec 02)
- RE: Cached Password concern dave kleiman (Dec 01)
- RE: Cached Password concern Zachary Mutrux (Dec 02)
- <Possible follow-ups>
- RE: Cached Password concern sunny budd (Dec 02)
- RE: Cached Password concern Blake Wiedman [Icons] (Dec 01)