View Full Version : Stored passwords on stolen laptop
January 11th 05, 11:44 AM
We recently had a notebook stolen. How many domain passwords does a XP pro
client store. How secure are those passwords? I would be hard pressed to
remember how domain users have used that notebook. Do I need to have
everybody reset their passwords?
Thanks,
Zed
Dusko Savatovic
January 11th 05, 01:12 PM
Yes! Those passwords are compromised.
Inform or initiate password change for everyone. Immediately.
Dusko Savatovic
> wrote in message ...
> We recently had a notebook stolen. How many domain passwords does a XP pro
> client store. How secure are those passwords? I would be hard pressed to
> remember how domain users have used that notebook. Do I need to have
> everybody reset their passwords?
>
> Thanks,
> Zed
Bruce Chambers
January 12th 05, 02:46 AM
wrote:
> We recently had a notebook stolen. How many domain passwords does a XP pro
> client store.
By default, WinXP will store a maximum of 10 sets of cached domain
credentials. This number, however, can be raised to the absolute
maximum of 50 by means of a simple registry edit.
> How secure are those passwords?
The passwords are not at all secure, as you've lost physical control of
the computer. It takes only a few seconds and Google to find many
password-cracking utilities on the Internet.
.. I would be hard pressed to
> remember how domain users have used that notebook. Do I need to have
> everybody reset their passwords?
>
That would certainly be best, if you want to be reasonably confident of
maintaining your domain's security. If you use a standard password for
the local Administrator account on each machine, don't forget to change
that, as well. Also, if you follow the common practice of renaming that
built-in local Administrator account, you should probably come up with a
new name.
--
Bruce Chambers
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
January 12th 05, 05:35 AM
Yes its extremely easy to crack any passwords even those with both numbers
and letters in a matter of minutes literally, the programs that do this are
also free downloads so anyone can get thier hands on them, I would
immediately have them changed and sorry about the loss.
" wrote:
> We recently had a notebook stolen. How many domain passwords does a XP pro
> client store. How secure are those passwords? I would be hard pressed to
> remember how domain users have used that notebook. Do I need to have
> everybody reset their passwords?
>
> Thanks,
> Zed
>
vBulletin® v3.6.4, Copyright ©2000-2024, Jelsoft Enterprises Ltd.