Trying to add some documented references to the two sides of this issue I have found the following statement in a Microsoft Press book. ----------------------------------------- Book: Microsoft Windows Security for Windows XP and Windows 2000 Inside Out Publisher: Microsoft Press Copyright: 2003 ISBN: 0-7356-1632-9 Pages: 111-112 Background: Statement made in reference to using Syskey to add an additional layer of login protection for Windows based systems. Statement: "Caution: Bear in mind that this added startup requirement provides no additional protection once the computer is up and running. That is, if an attacker can reach your unattended computer while an administrator account is logged on, your passwords can be stolen. An attacker can steal the LSASS cache of hashed passwords and copy it to a floppy disk in seconds. Again, it comes down to physical security: Unless your computer is always guarded by a person or a locked door, be sure to log off when you leave the computer and ensure that all user accounts are password protected." ----------------------------------------- This article might be useful for those locking their servers. http://www.microsoft.com/technet/prodtechnol/windows2000pro/tips/loccon.mspx Keith Duemling //end