Re: Windows XP and ISA
- From: "Thomas W. Shinder" <tshinder@xxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 8 Mar 2002 14:45:15 -0600
Hi Brian,
Although a little off topic, you bring up the great dangers of the
"single sign-in" issue. Using the same password for all resources
certainly gives the bad guys the "keys to the mint".
Thanks!
Tom
-----Original Message-----
From: Brian K. Dore' [mailto:bkd@xxxxxxxxxxxxx]
Sent: Friday, March 08, 2002 2:42 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Windows XP and ISA
http://www.ISAserver.org
John said:
> Isn't having a XP Home computer with the user's name and password the
> same as a domain user's name and password a security risk?
Sure it is, but by those standards having domain users is a security
risk. <grin> Seriously though, anytime someone uses a home machine to
connect into the office they are likely to do this, and having the
password stored in the XP SAM is way better than anything Windows 9x
will do. You would want to avoid it if you could, but that's up to your
users, not you. They probably also already use their domain password
for access to their AOL service, hotmail account, e-bay account and for
blocking r-rated movies from the kids on the cable box. You definitely
want to avoid a situation like this for domain administrative accounts.
Anyone with an administrative account should know better.
Brian
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
