We recently had a notebook stolen. How many domain passwords does a XP pro
client store.
By default, WinXP will store a maximum of 10 sets of cached domain
credentials. This number, however, can be raised to the absolute
maximum of 50 by means of a simple registry edit.
How secure are those passwords?
The passwords are not at all secure, as you've lost physical control of
the computer. It takes only a few seconds and Google to find many
password-cracking utilities on the Internet.
.. I would be hard pressed to
remember how domain users have used that notebook. Do I need to have
everybody reset their passwords?
That would certainly be best, if you want to be reasonably confident of
maintaining your domain's security. If you use a standard password for
the local Administrator account on each machine, don't forget to change
that, as well. Also, if you follow the common practice of renaming that
built-in local Administrator account, you should probably come up with a
new name.
--
Bruce Chambers
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH