[THIN] Re: OT: Storing Password with Reverse Incryption
- From: Christopher Wilson <christofire@xxxxxxxxx>
- To: thin@xxxxxxxxxxxxx
- Date: Wed, 22 Dec 2004 11:51:29 -0600
Yeah, I found the same article after this was fixed. A coworker of
mine was cleaning up inactive accounts and scaling back who had admin
access, etc. in remediation of a security audit. The service accounts
were always set not to expire, but the reverse encryption deal sounded
like a good idea to them, but it was not researched. In hind sight
this seems like an unnecessary change.
I was trying to verify my hunch that ticking this property (making no
other changes) was what broke my datastore connectivity.
It's kind of academic at this point, but thanks for the responses.
CW
On Tue, 21 Dec 2004 15:41:04 -0600, Roger Riggins
<roger.riggins@xxxxxxxxxx> wrote:
> Did you have a specific reason to enable that? This is from MS:
>
> Storing passwords using reversible encryption is essentially the same as
> storing plaintext versions of the passwords. For this reason, this
> policy should never be enabled unless application requirements outweigh
> the need to protect password information.
>
> Good luck,
> R
>
>
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
> Behalf Of Christopher Wilson
> Sent: Tuesday, December 21, 2004 6:51 AM
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: OT: Storing Password with Reverse Incryption
>
> Strangely, Andrew, the IMA service would start and stop all day until
> the local host cache was recreated at which point it would begin
> failing. I am guessing as you suggest that there is something
> specific to SQL. Several other service accounts were configured this
> we at the same time last week. Only the account to the datastore has
> manifest any problems.
>
>
> ********************************************************
> This Weeks Sponsor SeamlessPlanet.com Domain Names
> Register your .com domain name for as low as $7.85
> One of the lowest prices on the web! Part of The Kenzig Group.
> http://www.seamlessplanet.com
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ThinWiki community - Awesome SBC Search Capabilities!
> http://www.thinwiki.com
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or
> set Digest or Vacation mode use the below link:
> http://thin.net/citrixlist.cfm
>
********************************************************
This Weeks Sponsor SeamlessPlanet.com Domain Names
Register your .com domain name for as low as $7.85
One of the lowest prices on the web! Part of The Kenzig Group.
http://www.seamlessplanet.com
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
ThinWiki community - Awesome SBC Search Capabilities!
http://www.thinwiki.com
***********************************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
Other related posts:
