store password using reversible encryption

  • Thread starter Thread starter Lin
  • Start date Start date
L

Lin

if the password policy is config with "store password
using reversible encryption"
is it that user account must be config with " change
password at next logon"?


what kind of application ( any example) require the
setting of "store password using reversible encryption"?
 
The user password will not be stored in reversible encryption until they
change there password. There should be little reason to use this option and it
is a big security risk as passwords are not stored securely. It would need to be
used if Chap was used for remote access authentication or IIS is configured to
use digest authentication. You would want to avoid ever having to do this,
especially at a domain level. --- Steve

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/prodtechnol/w
inxppro/proddocs/505.asp
 
this mean to say chap and digest authentication shouldnt
be use if they have to come with "store password using
reversible encryption"?

-----Original Message-----
The user password will not be stored in
reversible encryption until they
 
It is a requirement that store password with reversible encryption be
enabled for any accounts that would authenticate via chap or digest
authentication which is a big security risk. Something to keep in mind for
anyone needing to use those two methods of authentication. --- Steve
 
thanks Steve
-----Original Message-----
It is a requirement that store password with reversible encryption be
enabled for any accounts that would authenticate via chap or digest
authentication which is a big security risk. Something to keep in mind for
anyone needing to use those two methods of authentication. --- Steve




.
 
Back
Top