Hows Windows stores passwords and how passwords can be attacked
I was forwarded this by a colleague last week and found it interesting reading. It's a short article written by Jesper Johannson and published last month up on TechNet. It raises many good questions, many of which arise on a frequent basis, but after IT Forum last week, I can kind of now understand why the AD administrators here in Microsoft use smart cards and seperate accounts for elevated privileges to perform almost all administrative functions. It was amusing when Brian, one of these administrators pulled out a bunch of some 24 different smartcards, just to perform his day job, and the mild panic he had when one of them went walkies - turned out he'd been using it as a bookmark. Just shows you everyone's human :-)