Ask the Expert

Can I disable the '/savecred' option in RunAs?

The RunAs utility in WinXP Pro has a /savecred option. Is there a GPO setting to disable this on administrator workstations so passwords must be provided by admins?

    Requires Free Membership to View

Sadly, there doesn't seem to be one. Many people have lamented the fact that the /savecred option in RunAs can be a massive security hole. With this in mind, I've recommended in the past not using RunAs to run programs in the context of an administrator, simply because it's too easily defeated. There are a number of better solutions, such as TQRunas, which allows you to run programs as administrator without revealing administrator credentials to the end user. CPAU is another (freeware) solution to the same problem, again with some more attention paid to security.

This was first published in April 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: