Making the local administrator passwords unique
One of the problems of almost all companies is that the local admin passwords for Windows clients are the same for all clients. This implies that if you get one of the client computer's local admin password, you can use it for all the company computers. Further, if you are not using a disc encryption solution, obtaining the hash of the Security Account Manager (SAM) file password is very easy. The worse bit is that Windows enables the use of hash to authenticate, which means that you can directly use the hash to log in to other computers and do not need to crack the hash to get the real password. The solution to this problem is to differentiate the local admin password and make it unique for all ...
Get Learning Puppet for Windows Server now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.