[prev in list] [next in list] [prev in thread] [next in thread]
List: pidgin-support
Subject: Re: Password encryption
From: John Bailey <rekkanoryo () rekkanoryo ! org>
Date: 2008-03-17 20:15:25
Message-ID: 47DED15D.7010301 () rekkanoryo ! org
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
Venkatasamy,Venkat wrote:
> The helpdesk support team will have local admin access in all the
> computers. The members will be able to access the profile folders for
> all users. In this case, I belive this is a not a secure solution.
Local administrator access in itself, even to the server on which profile=
directories are stored, is not enough to decrypt the file if you are usin=
g an
Active Directory domain and your users are logging in via domain accounts=
=2E In
this scenario, only the user and the encryption administrator (which defa=
ults to
the domain's first Administrator account) at the time of the file's origi=
nal
encryption would be able to decrypt the file.
Local administrator access via an administrative account other than the d=
efault
built-in administrator account would also be insufficient where the users=
are
logging into standalone machines with local user accounts, as the encrypt=
ion
administrator on a standalone machine defaults to the built-in local
administrator account.
While it's not perfect, NTFS encryption does give a reasonable form of
protection when used intelligently. There are a number of explanations o=
f this
around on the web, as well as a number of Microsoft publications (includi=
ng the
MCP, MCSA, and MCSE training kits for the Windows 2000 Server/Advanced Se=
rver
and Windows Server 2003 products), that cover this topic quite well.
Of course, there is no such thing as unbreakable encryption. Anyone who =
wants
your data will get it with sufficient time, computing power, and determin=
ation.
John
["signature.asc" (application/pgp-signature)]
_______________________________________________
Support mailing list
Support@pidgin.im
http://pidgin.im/cgi-bin/mailman/listinfo/support
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic