[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Win95 password caching

I was under the impression that MS used some variation of DES for encrypting
the password lists (obviously much more secure than the nonsense XOR
encryption used for the screen savers).


>This was not the question. He wants to prevent local Windows passwords
>from being created for network-only users. This is a serious security
>issue, because if a user enters her real network password for the Windows
>password, and someone else later picks up the .PWL files, which are not
>encrypted in a particularly secure way, then someone can get unauthorized
>access to the network as the previous user(s).