It is also possible to paste passwd info on NT and Novell clients. There have been a few occasions where users have typed in their passwd and before hitting enter have decided to highlight and erase their passwd. I can come along after these unscrupolous users and right click then paste their passwd back again. -Fiji CIT Stetson University Unix System Administrator -----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3a mQCNAzOSFEwAAAEEAJ/dkb5cymjDsl51GVBiugJW263udNqxQr6R40tJGNF3yTZ2 idP4K9Pxw/1D2LQ/tOdSLJYGX6x9Y5KqJ4ZtdRVnh4pbaYVcbCwLDyWg+iy/mCpj J2R5WMrVTsTdxA4g1nzYPg30IQhy7Ll4R3JhXa9lUm4j0pdM9RTsR6Z4DLQNAAUR tBBmYXlqQHN0ZXRzb24uZWR1iQCVAwUQM5IUTBTsR6Z4DLQNAQHsMAP9F8kHBgc6 jrB0XJ4qUn1ihdigQjF0S3PqOOu1uk1kMWI7obB54ORT4b1Dw7BqUirBohJPn+ka R89Ny0U95nZFX2WoQXDtRlqdVXAC9ZAoTpljiZpM7EtDWB4SXhsoXcb+1M7Lw5Un 14aq2b9YAUGryQy1ivkz8V9du4nUB/YkNLI= =q7uq -----END PGP PUBLIC KEY BLOCK----- On Mon, 30 Mar 1998, Jim Credland wrote: > Date: Mon, 30 Mar 1998 17:31:54 +0100 > From: Jim Credland <jimat_private> > To: BUGTRAQat_private > Subject: Clipboard insecurity > > I don't know if this has been mentioned before, it was certainly new to > Microsoft when I mentioned it too them. > > If you lock your workstation it's still possible to paste the contents of the > clipboard buffer into the "User name" prompt. Not terribly clever for hiding > what you've been doing. > > Microsoft acknowledge the problem but made no promises about fixing it. > Obvious workaround. > > -- > jim credland network security > who can you trust? demon internet ltd >
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:47:35 PDT