Sounds like MDAC 2.1 is the solution for this problem. It provides the ability to enable or disable saving of the password. If password saving is enabled, a dialogue appears each time that the password is saved, reminding the user that this is being done. The registry key that governs this functionality is: HKEY_CLASSES_ROOT\CLSID\{2206CDB2-19C1-11D1-89E0-00C04FD7A829}\fDPS. Setting the value to a DWORD of 1 disables password saving. Regards, Secureat_private > >-----Original Message----- >From: veiled aspect [mailto:veiled_aspectat_private] >Sent: Wednesday, July 14, 1999 7:33 PM >To: ntbugtraqat_private; bugtraqat_private; >Security - Corporate Security Services >Subject: ms oledb data links > > >create a data link for OLE DB provider database connections & you'll see >that MS stores the password for your database acct. in clear text in the >.udl file. Double-clicking the file opens it with asterisks in the >password > >field, but just open it in notepad for all the world to see. > >it's fine if you use Windows NT integrated security. > >data links have been around since ADO 2.0. > >-tripp >trippat_private > > >_______________________________________________________________ >Get Free Email and Do More On The Web. Visit http://www.msn.com
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:54:35 PDT