April 28th, 2003, 03:15 AM
Turn Password Chaching On
I was wondering how do i turn password chaching on? i am running Windows 98 SE.
April 28th, 2003, 03:22 AM
In Internet Explorer, go to Tools, Internet Options, Content, AutoComplete...Happy Caching!
"It is a shame that stupidity is not painful" - Anton LaVey
April 28th, 2003, 01:01 PM
Experience is something you don't get until just after you need it.
April 28th, 2003, 09:47 PM
by the way ... what is the purpose of pwd caching on a 95/98/nt workstation ... if i'm correct they don't use Active directory and are so much more insecure... why in the world would you wanna cache the domain pwds on them and therefore in case of a breach compromise the whole domain??? ... just wondering, if i'm incorrect in my assumption, please let me know...
April 28th, 2003, 10:52 PM
Caching domain credentials on workstations is usefull if the computer gets disconnected from the network or the PDC/BDC/DC is down. Instead of having the whole building run after me (the admin), people can still logon to there usual computer, where usual means a computer where the user was one of the last 10 (by default I believe, configurable via group policies) to log on that computer.
By the way, cached credentials are stored under the LSA Secrets registry key HKLM\SECURITY\Policy\Secrets. NT4 pre sp3 was very vulnerable to LSA secrets theft as they were in cleartext. Post SP3 and W2k which encrypt them with syskey are still somewhat vulnerable to lsadump2 which uses dll injection to "get arround" syskey, but require the SeDebugPrivilege which only the Administrator account has by default. Still, if one were to get admin access first, lsa secrets are up for grabs!
Granted, this introduces some level of insecurity, but the practical factor to this usually outweights it.
You can however disable caching by setting the number of last logons cached to 0 using local/group policies.
Credit travels up, blame travels down -- The Boss