Kittie_Killer
New Member
- Reaction score
- 0
The dial-up networking (DUN) subsystem lets you maintain a separate user name and password for each and every entry in the Phonebook. You can also use the "Save this password" checkbox which appears in the RAS Logon Dialog; when you do, that account's password will be saved in the registry.
This is very insecure especially when the machine using DUN is a lap-top - if it's stolen, the thief has automatic access to your dial-up connection if the password's been saved.
You can force DUN not to store passwords by adding the REG_DWORD value DisableSavePassword to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\RasMan\Parameters. If you set its value to 1, DUN won't display the "Save password" checkbox and it will also purge any passwords that it has previously stored.
This setting is a good candidate for inclusion in a policy template.
note: as with any editting of the registry - back it up before hand !
(the above tweak can be be found in the M$ Knowledge Base: Article Q172430)
This is very insecure especially when the machine using DUN is a lap-top - if it's stolen, the thief has automatic access to your dial-up connection if the password's been saved.
You can force DUN not to store passwords by adding the REG_DWORD value DisableSavePassword to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Services\RasMan\Parameters. If you set its value to 1, DUN won't display the "Save password" checkbox and it will also purge any passwords that it has previously stored.
This setting is a good candidate for inclusion in a policy template.
note: as with any editting of the registry - back it up before hand !
(the above tweak can be be found in the M$ Knowledge Base: Article Q172430)