If you as an administrator leave an unlocked PC , you have done more
than possibly breached your security to the ADSM password but your whole network
or secured applications. If properly configured the only persons having access
to this
utility is the Administrator, Domain Admins, or Backup Account Operators.



 (Embedded
 image moved   STEWAJM @ AUDUCADM.DUC.AUBURN.EDU
 to file:      11/20/96 04:39 AM
 PIC01654.PCX)




Please respond to ADSM-L AT VM.MARIST DOT EDU

To:   ADSM-L @ VM.MARIST.EDU
cc:    (bcc: Donald Craddock/DNVRULNS17/USWEST/US)
Subject:  Reply to Password Chaos with




*** Comments From: STEWAJM - Stewart, Mike; 11/20/96 12:50pm

Does anyone else consider it to be a terrible security
violation for the 32-bit windows client to store the
users password in encrypted form, but then provide
an option to decrypt it and list it in clear text??

That is just as bad a simply coding it in the
DSM.OPT file.  It means anyone who wanders by an
unlocked PC can obtain your user's passwords.

I really think the "display password" option should go.