Windows Server 2003 caches UNC Password - Windows NT

This is a discussion on Windows Server 2003 caches UNC Password - Windows NT ; Hi, I have a new installed Win 2003 Server. I connect to another server (Win2K) just in order to copy some files after setup. I used UNC (\\serevr\folder format) at Start / Run. A pop-up, captioned "Connect to", appears prompting ...

+ Reply to Thread
Results 1 to 6 of 6

Thread: Windows Server 2003 caches UNC Password

  1. Windows Server 2003 caches UNC Password

    Hi,

    I have a new installed Win 2003 Server. I connect to another server
    (Win2K) just in order to copy some files after setup. I used UNC
    (\\serevr\folder format) at Start / Run. A pop-up, captioned "Connect
    to", appears prompting for user ID and password of the remote server.
    All these make sense EXCEPT at the pop-up there is a checkbox
    "Remember my password" which I checked.

    I thought it will cache my password for the current session and when I
    log-off it will be gone. Now it sticks to my machine no matter I
    reboot / logout. That's a great security risk.

    Questions:
    1) How to remove the cached password from my server?
    2) How to disable the checkbox from appearing?

    Big thanks!

  2. Re: Windows Server 2003 caches UNC Password

    On 23 Apr 2004 19:26:18 -0700, cdars@hotmail.com (CDARS) wrote in
    comp.os.ms-windows.programmer.win32,
    comp.os.ms-windows.networking.windows,
    comp.os.ms-windows.nt.admin.security, comp.os.ms-windows.nt.admin.misc:
    [FU set to comp.os.ms-windows.nt.admin.security]

    >I have a new installed Win 2003 Server. I connect to another server
    >(Win2K) just in order to copy some files after setup. I used UNC
    >(\\serevr\folder format) at Start / Run. A pop-up, captioned "Connect
    >to", appears prompting for user ID and password of the remote server.
    >All these make sense EXCEPT at the pop-up there is a checkbox
    >"Remember my password" which I checked.
    >
    >I thought it will cache my password for the current session and when I
    >log-off it will be gone. Now it sticks to my machine no matter I


    I think it sticks to your user profile, not the machine.

    >reboot / logout. That's a great security risk.


    Could you elaborate on why you think this is a security risk?

    >Questions:
    >1) How to remove the cached password from my server?


    Remove the user profile. You didn't do this while logged in as
    Administrator, right?

    >2) How to disable the checkbox from appearing?


    Just don't tick it if you don't want the system to do what the label on
    the tickbox says it will do.

    --
    Michael Bednarek http://mbednarek.com/ "POST NO BILLS"

  3. Re: Windows Server 2003 caches UNC Password

    On 2004-04-24, Michael Bednarek <> wrote:

    > On 23 Apr 2004 19:26:18 -0700, cdars@hotmail.com (CDARS) wrote:
    >
    >>I have a new installed Win 2003 Server. I connect to another server
    >>(Win2K) just in order to copy some files after setup. I used UNC
    >>(\\serevr\folder format) at Start / Run. A pop-up, captioned "Connect
    >>to", appears prompting for user ID and password of the remote server.
    >>All these make sense EXCEPT at the pop-up there is a checkbox
    >>"Remember my password" which I checked.
    >>
    >>I thought it will cache my password for the current session and when I
    >>log-off it will be gone. Now it sticks to my machine no matter I

    >
    > I think it sticks to your user profile, not the machine.
    >
    >>reboot / logout. That's a great security risk.

    >
    > Could you elaborate on why you think this is a security risk?


    If other people have physical access to the machine, they will be a ble to
    use his identity.

    >>Questions:
    >>1) How to remove the cached password from my server?

    >
    > Remove the user profile. You didn't do this while logged in as
    > Administrator, right?


    Why not just change the password, and then untick "remember password" when
    it prompts you for the new passowrd.

    --

    -John (john@os2.dhs.org)

  4. Re: Windows Server 2003 caches UNC Password

    Hi,

    Thanks for your advice. Now I understand that I am a beginner in
    Win2k3 server...

    Start => Control Panel => Stored User Names and Passwords

    You can see a list of stored password by site. Just delete or edit as
    you like.
    As soon as there is a console controlling it, it is ok. Imagine you
    have a server will some unknown passwords to other servers. Your
    server can be the start-point for an attack.

    Now a follow-up question:
    I map a network drive and select "re-connect at logon". After logging
    off the mapped drive is always disconnected. It prompts for a valid
    password when you click on it, which of course the password I entered
    was correct at the time I mapped the drive.

    The problem is solved when I added the logon information at "Stored
    User Names and Passwords". But I wonder should it be a correct
    practice.

    Any idea on this?

  5. Re: Windows Server 2003 caches UNC Password


    "CDARS" wrote in message
    news:97ec88b8.0404252321.715d1213@posting.google.c om...
    > Hi,
    >
    > Thanks for your advice. Now I understand that I am a beginner in
    > Win2k3 server...
    >
    > Start => Control Panel => Stored User Names and Passwords
    >
    > You can see a list of stored password by site. Just delete or edit as
    > you like.
    > As soon as there is a console controlling it, it is ok. Imagine you
    > have a server will some unknown passwords to other servers. Your
    > server can be the start-point for an attack.

    Well.. many things are possibly possible.... but in this case the hacker
    would first have to impersonate yourself and then happen to find out
    which drive is connected to somewhere else with some specific account
    and then find out what do to with the information on that share...

    > Now a follow-up question:
    > I map a network drive and select "re-connect at logon". After logging
    > off the mapped drive is always disconnected. It prompts for a valid
    > password when you click on it, which of course the password I entered
    > was correct at the time I mapped the drive.
    >
    > The problem is solved when I added the logon information at "Stored
    > User Names and Passwords". But I wonder should it be a correct
    > practice.


    No.. correct practice would be to have domain policy disable that
    checkbox and you use an account that has the needed remote share
    permissions by default. In addtion you "may" use Start->Run
    \\server\share and have it ask for password for that session.
    Such connections you can remove using
    net use \\server\share /d

    - Sten



  6. Re: Windows Server 2003 caches UNC Password

    Hi,

    Thanks for the advice. I wanna review more of my situation and see
    what you may suggest.

    >>>>>>>>>>


    2 Server. 1 Win2K, 1 Win2K3.
    Win2K at WORKGROUP. W2K3 at AD Domain. (Strange but don't ask why.)
    To copy files in daily schedule from Win2K3 to Win2K.
    As you know, scheduled task cannot see mapped drive. Obviously I don't
    want to code the password in the "net use" command in clear text.
    >>>>>>>>>>


    Current Solution:
    There is a operator account in the Win2K server. I create an entry at
    the "Stored User Names and Passwords" for that account. Then at the
    scheduled task I just code \\. It logon automatically
    using the stored ID and password.
    >>>>>>>>>>


    What would be the best practice for this situation?
    Thanks.



    "Sten Westerback" wrote in message news:...
    > "CDARS" wrote in message
    > news:97ec88b8.0404252321.715d1213@posting.google.c om...
    > > Hi,
    > >
    > > Thanks for your advice. Now I understand that I am a beginner in
    > > Win2k3 server...
    > >
    > > Start => Control Panel => Stored User Names and Passwords
    > >
    > > You can see a list of stored password by site. Just delete or edit as
    > > you like.
    > > As soon as there is a console controlling it, it is ok. Imagine you
    > > have a server will some unknown passwords to other servers. Your
    > > server can be the start-point for an attack.

    > Well.. many things are possibly possible.... but in this case the hacker
    > would first have to impersonate yourself and then happen to find out
    > which drive is connected to somewhere else with some specific account
    > and then find out what do to with the information on that share...
    >
    > > Now a follow-up question:
    > > I map a network drive and select "re-connect at logon". After logging
    > > off the mapped drive is always disconnected. It prompts for a valid
    > > password when you click on it, which of course the password I entered
    > > was correct at the time I mapped the drive.
    > >
    > > The problem is solved when I added the logon information at "Stored
    > > User Names and Passwords". But I wonder should it be a correct
    > > practice.

    >
    > No.. correct practice would be to have domain policy disable that
    > checkbox and you use an account that has the needed remote share
    > permissions by default. In addtion you "may" use Start->Run
    > \\server\share and have it ask for password for that session.
    > Such connections you can remove using
    > net use \\server\share /d
    >
    > - Sten


+ Reply to Thread