 |
|
|
 Welcome to the Virus.Org Mailing List Archive |
||
 |
||
|
||
|
I'm thinking that the general idea is that if someone's going to use autologon in the first place, you're not throwing much of a speedbump up by encrypting the password in the registry. If the registry is network-accessible without authentication, the machine is pretty vulnerable; if it's not, then the attacker needs access to the machine itself, and again, the machine is already logged in and therefore pretty vulnerable. > -----Original Message----- > From: wirepair [mailto:[EMAIL PROTECTED] > Sent: Wednesday, January 28, 2004 3:40 PM > To: [EMAIL PROTECTED] > Subject: encrypting Autologon credentials? > > > lo all, > I'm curious if anyone has ever seen anything on encrypting > the "Autologon" feature of Windows. I know its a terrible > practice to keep it in the cleartext in the registry so I was > curious if anyone has tried to make this feature more secure. > I did some google searches but turned up with nada. Any info > appreciated, -wire > -- > Visit Things From Another World for the best > comics, movies, toys, collectibles and more. > http://www.tfaw.com/?qt=wmf > > > -------------------------------------------------------------- > ------------- > -------------------------------------------------------------- > -------------- > > --------------------------------------------------------------------------- ----------------------------------------------------------------------------
|
All Trademarks Acknowledged.
Please view our Terms and Conditions and our Privacy Policy.