Q

Security considerations when resetting passwords

What are the security considerations when resetting passwords?
Let us say, for example, that you are at a Win2k Pro desktop doing the password reset via Active Directory (AD) Users and Computers. The focus of the MMC console is on the domain controller where you authenticated at logon. When you reset the password, you do not transfer the new password in clear text. It is passed in encrypted format over a secure channel between your desktop and the server. The new password is not stored as clear text in AD. It is hashed in such a way that the original password cannot be recovered, and the hash is stored. There are caveats for legacy LanMan passwords, but this is the gist of the process. Therefore, the main security consideration is that you, as the administrator, know the user's password. You can avoid this problem by setting the account control so that the user must change that password immediately after logging on.
This was last published in July 2001
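
One way to script the reset described above so that the administrator-known password is good for a single logon only, as an added example that is not part of the original answer. It assumes the ActiveDirectory PowerShell module (which postdates the Win2k-era console in the answer); the function names are hypothetical.

```powershell
# Added example. Requires the ActiveDirectory module (RSAT) and reset rights on the account.
Import-Module ActiveDirectory

function New-TemporaryPassword {
    param([int]$Length = 20)
    # Exactly 64 characters, so masking a random byte with 0x3F picks one without modulo bias.
    $alphabet = 'ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789!#%*+-='
    $rng = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    try {
        do {
            $bytes = New-Object byte[] $Length
            $rng.GetBytes($bytes)
            $candidate = -join $(foreach ($b in $bytes) { $alphabet[$b -band 0x3F] })
            # Retry until upper, lower and digit are all present (domain complexity policy).
        } until ($candidate -cmatch '[A-Z]' -and $candidate -cmatch '[a-z]' -and $candidate -match '\d')
    } finally {
        $rng.Dispose()
    }
    $candidate
}

function Reset-UserPasswordForcingChange {
    param([Parameter(Mandatory)][string]$Identity)

    $user = Get-ADUser -Identity $Identity -Properties PasswordNeverExpires
    # ChangePasswordAtLogon cannot be applied while PasswordNeverExpires is set,
    # so stop here rather than leave a password the administrator knows in place.
    if ($user.PasswordNeverExpires) {
        throw "$Identity has PasswordNeverExpires set; clear it before resetting."
    }

    $plain  = New-TemporaryPassword
    $secure = ConvertTo-SecureString $plain -AsPlainText -Force
    Set-ADAccountPassword -Identity $user -Reset -NewPassword $secure
    Set-ADUser -Identity $user -ChangePasswordAtLogon $true

    # AD records "must change at next logon" as pwdLastSet = 0; verify it took effect.
    $check = Get-ADUser -Identity $user -Properties pwdLastSet
    if ($check.pwdLastSet -ne 0) {
        throw "Password was reset for $Identity but the forced change flag is not set."
    }
    $plain   # hand to the user out of band; it is replaced at first logon
}

# Constructed sample account name:
# Reset-UserPasswordForcingChange -Identity 'jdoe'
```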
