Cached Windows passwords sound risky -- but aren't
I deal with a lot of customers who area worried about Windows password attacks. These days, the biggest fear is of pass-the-hash attacks, a topic I've written about many times in the past couple of years.
Often, when customers voice concern about pass-the-hash attacks, they ask me about cached log-ons in Windows. They've heard about the vulnerability and have read one or more whitepapers about it. Even Microsoft recommends disabling cached log-ons.
In fact, cached Windows log-ons aren't a big risk at all. I'll tell you why in a minute, but first, let's review the basics.
- Thu, 2014-04-17 06:55
- Tue, 2014-03-25 18:30
- Thu, 2014-03-20 01:49