Folks, If you change a user's password in XP Professional you lose access to all the 'secrets' stored in the profile, as they are protected using a function of the user's hashed password. Secrets being any sensitive data protected using the appropriate CryptoAPI functions. This can include EFS certificates and associated private keys, Passport information, and credentials to use when surfing to password-protected web-sites. I suggest you read the XP Resource Kit for further details. One thing to note: a local user account (not a domain account) can create a disk to backup their passwords (not secrets). This disk can be used in conjunction with several hacking tools to overcome the problems associated with a reset of a user's account password. The disk should not be stored with a laptop or near a user's desktop! John ----------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Thu Jan 30 2003 - 11:13:26 PST