Cached Windows passwords sound risky -- but aren't
I deal with a lot of customers who area worried about Windows password attacks. These days, the biggest fear is of pass-the-hash attacks, a topic I've written about many times in the past couple of years.
Often, when customers voice concern about pass-the-hash attacks, they ask me about cached log-ons in Windows. They've heard about the vulnerability and have read one or more whitepapers about it. Even Microsoft recommends disabling cached log-ons.
In fact, cached Windows log-ons aren't a big risk at all. I'll tell you why in a minute, but first, let's review the basics.
- Mon, 2014-03-10 23:19
- Thu, 2013-10-31 01:01
- Tue, 2013-08-06 01:44