|
Posted by Paul Adare on December 15, 2005, 3:43 am
Please log in for more thread options microsoft.public.windows.server.security news group, Vanguard
> And how do USB keys that have the password recorded on them improve security
> or force logoffs? The users will just leave the USB stick in the USB port
> all the time. That means they will still always be logged in. That also
> means that anyone can come along and grab the USB stick, copy its contents,
> and [maybe] return it to hide that they stole the password. As far as
> logging them off, why are you pushing a policy which has them forced off
> after so many minutes of inactivity?
>
The USB keys being referred to here are USB form factor smart cards (or
some other type of two factor auth like RAS SecureID). They do not
contain passwords and you cannot simply copy off the authentication
mechanism.
--
Paul Adare
MVP - Windows - Virtual Machine
http://www.identit.ca/blogs/paul/
"The English language, complete with irony, satire, and sarcasm, has
survived for centuries without smileys. Only the new crop of modern
computer geeks finds it impossible to detect a joke that is not clearly
labeled as such."
Ray Shea
| 
XML Sitemap