Q

How can I stop users from sharing their passwords?

I have a Proxy server (ISA Server) running on a 2000 Server Platform. It's used for authenticating users for browsing on my network, but the users have to log on to the domain which uses a NT 4 Platform. I noticed that users are giving out their password for others to browse on their PC. This is congesting my network. Is there anything I can do to make sure that only one session for a user can run on the ISA server at any given time?...

I'm not a serious ISA guru, but I will refer you to the forums on www.isaserver.org, which is run by Tom Shinder who is an absolute authority on the matter. I know that for Windows connectivity generally, you can use the cconnect.exe utility from the 2K resource kit to limit users to a single concurrent connection.

However, from a security standpoint you should also take non-technical steps to try to alleviate the "users sharing passwords" problem, because it is a huge breach of security on your network. It's a good step to figure out how to limit your users to a single connection, but the larger problem (to me, at least) is stopping your users from sharing their passwords in the first place. Depending on the current configuration of your account and password policies, I would begin mandating more frequent password changes and account lockouts to drive home the point.

This was first published in April 2004

Dig deeper on Enterprise Infrastructure Management

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close