In my opinion a system wouldn'n cache password locally.
E.g. Sysadmin logs in into a workstation and password will be stored locally. An
attacker could retrieve his password and login into the whole network whit
administrative privileges. It is not completely safe.
I'd rather prefer use Kerberos, using his tickets to access network resource
without caching password.
Anyway if the password must be stored locally, it must be!
>Todd Shubert wrote:
>
> What exactly is the "right security policy"? Wouldn't not storing the
> password provide problems for users, specifically laptop users, that
> require the use of cached credentials?
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
E.g. Sysadmin logs in into a workstation and password will be stored locally. An
attacker could retrieve his password and login into the whole network whit
administrative privileges. It is not completely safe.
I'd rather prefer use Kerberos, using his tickets to access network resource
without caching password.
Anyway if the password must be stored locally, it must be!
>Todd Shubert wrote:
>
> What exactly is the "right security policy"? Wouldn't not storing the
> password provide problems for users, specifically laptop users, that
> require the use of cached credentials?
------------------------------------------------------------------------
---
KaVaDo provides the first and only integrated Web application scanner and
firewall security suite that prevent Web applications attacks, the most
common form of online exploitation. Download a FREE whitepaper on Security Policy Automation for Web Applications.
http://www.securityfocus.com/sponsor/KaVaDo_focus-ms_030818
------------------------------------------------------------------------
---
[ reply ]