Problem solve Get help with specific problems with your technologies, process and projects.

Can I disable the '/savecred' option in RunAs?

The RunAs utility in WinXP Pro has a /savecred option. Is there a GPO setting to disable this on administrator workstations so passwords must be provided by admins?
Sadly, there doesn't seem to be one. Many people have lamented the fact that the /savecred option in RunAs can be a massive security hole. With this in mind, I've recommended in the past not using RunAs to run programs in the context of an administrator, simply because it's too easily defeated. There are a number of better solutions, such as TQRunas, which allows you to run programs as administrator without revealing administrator credentials to the end user. CPAU is another (freeware) solution to the same problem, again with some more attention paid to security.

Dig Deeper on Windows Server troubleshooting

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.