Q

Security considerations when resetting passwords

What are the security considerations when resetting passwords?
Let us say, for example, that you are at a Win2k Pro desktop doing the password reset via Active Directory (AD) for users and computers. The focus of the MMC console is on the domain controller where you authenticated at log on. When you reset the password, you do not transfer the new password in clear text. It is passed in encrypted format over a secure channel between your desktop and the server. The new password is not stored as clear text in AD. It is hashed in such a way that the original password cannot be recovered and the hash is stored. There are caveats for legacy LanMan passwords but this is the gist of the process. Therefore, the main security consideration is that you, as the administrator, know the user's password. You can avoid this problem by setting the account control so that the user must change that password immediately after logging on.
This was first published in July 2001
This Content Component encountered an error

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close