Storing Secrets in Windows
In addition to storing passwords in Active Directory or SAM databases, Windows Server 2003, Windows 2000, and Windows XP store passwords and other secrets in other locations for a variety of purposes.
LSA Secrets
The Local Security Authority (LSA) maintains information about all aspects of local operating system security. The LSA performs the following tasks:
Authenticates users
Manages local security policy
Manages audit policy and settings
Generates access tokens
In addition, the LSA stores information used by the operating system, known as LSA secrets. LSA secrets include items such as persistently stored Remote Access Service (RAS) information; trust relationship passwords; and user names, passwords, and account ...
Get Microsoft® Windows® Security Resource Kit, Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
