Microsoft Windows Vista Community Forums - Vistaheads
Recommended Download



Welcome to the Microsoft Windows Vista Community Forums - Vistaheads, YOUR Largest Resource for Windows Vista related information.

You are currently viewing our boards as a guest which gives you limited access to view most discussions and access our other features. By joining our free community you will have access to post topics, communicate privately with other members (PM), respond to polls, upload content and access many other special features. Registration is fast, simple and absolutely free so , join our community today!

If you have any problems with the registration process or your account login, please contact us.

Driver Scanner

Question for PA Bear: Security and UserID and Passwords in IE

microsoft.public.internetexplorer.general






Speedup My PC
Reply
  #1 (permalink)  
Old 09-26-2008
BobJam
 

Posts: n/a
Question for PA Bear: Security and UserID and Passwords in IE
Have started a new thread here . . . previously "hijacked" BobLink's thread
on a similar topic.

I have always thought that keeping a user ID and Password maintained in IE
is inherently insecure. Or is it encrypted (which still wouldn't make it
100% secure . . . I don't think there is such a thing . . . but at least
encryption is better than none).

You're a security kinda' guy, PA Bear, so waddya think??


Reply With Quote
Sponsored Links
  #2 (permalink)  
Old 09-26-2008
Leonard Grey
 

Posts: n/a
Re: Question for PA Bear: Security and UserID and Passwords in IE
If you're referring to the AutoComplete feature of Internet Explorer,
your logon IDs and passwords are encrypted and stored in the registry.
It's not the strongest encryption in the world, but strong enough to
dissuade the majority of exploits, that are looking for easier marks.

FWIW I do not use AutoComplete to store passwords since third-party
software that has more features, in addition to stronger (virtually
unbreakable)encryption.
---
Leonard Grey
Errare humanum est

"A Day in the Life of a Web 2.0 Hacker" - PC Magazine
http://www.pcmag.com/article2/0,2817,2330952,00.asp

BobJam wrote:
> Have started a new thread here . . . previously "hijacked" BobLink's thread
> on a similar topic.
>
> I have always thought that keeping a user ID and Password maintained in IE
> is inherently insecure. Or is it encrypted (which still wouldn't make it
> 100% secure . . . I don't think there is such a thing . . . but at least
> encryption is better than none).
>
> You're a security kinda' guy, PA Bear, so waddya think??
>
>

Reply With Quote
  #3 (permalink)  
Old 09-26-2008
BobJam
 

Posts: n/a
Re: Question for PA Bear: Security and UserID and Passwords in IE
So, can you give me some links to that type of third party software you
speak of??

"Leonard Grey" <l.grey@invalid.invalid> wrote in message
news:eA$k0V9HJHA.2580@TK2MSFTNGP05.phx.gbl...
> If you're referring to the AutoComplete feature of Internet Explorer, your
> logon IDs and passwords are encrypted and stored in the registry. It's not
> the strongest encryption in the world, but strong enough to dissuade the
> majority of exploits, that are looking for easier marks.
>
> FWIW I do not use AutoComplete to store passwords since third-party
> software that has more features, in addition to stronger (virtually
> unbreakable)encryption.
> ---
> Leonard Grey
> Errare humanum est
>
> "A Day in the Life of a Web 2.0 Hacker" - PC Magazine
> http://www.pcmag.com/article2/0,2817,2330952,00.asp
>
> BobJam wrote:
>> Have started a new thread here . . . previously "hijacked" BobLink's
>> thread on a similar topic.
>>
>> I have always thought that keeping a user ID and Password maintained in
>> IE is inherently insecure. Or is it encrypted (which still wouldn't make
>> it 100% secure . . . I don't think there is such a thing . . . but at
>> least encryption is better than none).
>>
>> You're a security kinda' guy, PA Bear, so waddya think??
>>


Reply With Quote
  #4 (permalink)  
Old 09-26-2008
Leonard Grey
 

Posts: n/a
Re: Question for PA Bear: Security and UserID and Passwords in IE
There must be a zillion of these on the internet. What works for me may
be anathema for you. If you're looking for a starting point you could do
worse than this:

"Password managers keep your login data handy"
http://windowssecrets.com/2008/09/18...gin-data-handy


---
Leonard Grey
Errare humanum est

"A Day in the Life of a Web 2.0 Hacker" - PC Magazine
http://www.pcmag.com/article2/0,2817,2330952,00.asp

BobJam wrote:
> So, can you give me some links to that type of third party software you
> speak of??
>
> "Leonard Grey" <l.grey@invalid.invalid> wrote in message
> news:eA$k0V9HJHA.2580@TK2MSFTNGP05.phx.gbl...
>> If you're referring to the AutoComplete feature of Internet Explorer, your
>> logon IDs and passwords are encrypted and stored in the registry. It's not
>> the strongest encryption in the world, but strong enough to dissuade the
>> majority of exploits, that are looking for easier marks.
>>
>> FWIW I do not use AutoComplete to store passwords since third-party
>> software that has more features, in addition to stronger (virtually
>> unbreakable)encryption.
>> ---
>> Leonard Grey
>> Errare humanum est
>>
>> "A Day in the Life of a Web 2.0 Hacker" - PC Magazine
>> http://www.pcmag.com/article2/0,2817,2330952,00.asp
>>
>> BobJam wrote:
>>> Have started a new thread here . . . previously "hijacked" BobLink's
>>> thread on a similar topic.
>>>
>>> I have always thought that keeping a user ID and Password maintained in
>>> IE is inherently insecure. Or is it encrypted (which still wouldn't make
>>> it 100% secure . . . I don't think there is such a thing . . . but at
>>> least encryption is better than none).
>>>
>>> You're a security kinda' guy, PA Bear, so waddya think??
>>>

>

Reply With Quote
  #5 (permalink)  
Old 09-26-2008
PA Bear [MS MVP]
 

Posts: n/a
Re: Question for PA Bear: Security and UserID and Passwords in IE
What Leonard said.

BobJam wrote:
> Have started a new thread here . . . previously "hijacked" BobLink's
> thread
> on a similar topic.
>
> I have always thought that keeping a user ID and Password maintained in IE
> is inherently insecure. Or is it encrypted (which still wouldn't make it
> 100% secure . . . I don't think there is such a thing . . . but at least
> encryption is better than none).
>
> You're a security kinda' guy, PA Bear, so waddya think??


Reply With Quote
  #6 (permalink)  
Old 09-26-2008
BobJam
 

Posts: n/a
Re: Question for PA Bear: Security and UserID and Passwords in IE
Oh . . . here's a real duhhhhh . . . moment for me. I already have one. I
didn't realize you were talking about password managers. Actually, I was
just wondering if IE had the same sophisticated encryption they have.
Apparently not.


"Leonard Grey" <l.grey@invalid.invalid> wrote in message
news:%23JfMgc$HJHA.2272@TK2MSFTNGP04.phx.gbl...
> There must be a zillion of these on the internet. What works for me may be
> anathema for you. If you're looking for a starting point you could do
> worse than this:
>
> "Password managers keep your login data handy"
> http://windowssecrets.com/2008/09/18...gin-data-handy
>
>
> ---
> Leonard Grey
> Errare humanum est
>
> "A Day in the Life of a Web 2.0 Hacker" - PC Magazine
> http://www.pcmag.com/article2/0,2817,2330952,00.asp
>
> BobJam wrote:
>> So, can you give me some links to that type of third party software you
>> speak of??
>>
>> "Leonard Grey" <l.grey@invalid.invalid> wrote in message
>> news:eA$k0V9HJHA.2580@TK2MSFTNGP05.phx.gbl...
>>> If you're referring to the AutoComplete feature of Internet Explorer,
>>> your logon IDs and passwords are encrypted and stored in the registry.
>>> It's not the strongest encryption in the world, but strong enough to
>>> dissuade the majority of exploits, that are looking for easier marks.
>>>
>>> FWIW I do not use AutoComplete to store passwords since third-party
>>> software that has more features, in addition to stronger (virtually
>>> unbreakable)encryption.
>>> ---
>>> Leonard Grey
>>> Errare humanum est
>>>
>>> "A Day in the Life of a Web 2.0 Hacker" - PC Magazine
>>> http://www.pcmag.com/article2/0,2817,2330952,00.asp
>>>
>>> BobJam wrote:
>>>> Have started a new thread here . . . previously "hijacked" BobLink's
>>>> thread on a similar topic.
>>>>
>>>> I have always thought that keeping a user ID and Password maintained in
>>>> IE is inherently insecure. Or is it encrypted (which still wouldn't
>>>> make it 100% secure . . . I don't think there is such a thing . . . but
>>>> at least encryption is better than none).
>>>>
>>>> You're a security kinda' guy, PA Bear, so waddya think??
>>>>

>>



Reply With Quote
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
RE: USERID/PW Mick Murphy microsoft.public.windows.vista.installation setup 0 08-10-2008 10:07
Bear Stearns Employees Bear the Bad News Sternly Steve General Technology News 0 03-18-2008 18:10
Online security: So many passwords, so many risks Steve Security News 0 12-07-2007 04:11
Off the wire: Online security: many passwords and many risks Steve Security News 0 11-22-2007 09:30
Security researcher intercepts embassy passwords from Tor Paul Security News 0 09-10-2007 18:11




All times are GMT +1. The time now is 08:00.




Driver Scanner - Free Scan Now

Vistaheads.com is part of the Heads Network. See also XPHeads.com , Win7Heads.com and Win8Heads.com.


Design by Vjacheslav Trushkin for phpBBStyles.com.
Powered by vBulletin® Version 3.6.7
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Search Engine Optimization by vBSEO 3.6.0 RC 2

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120