How Are You Storing Your Passwords? | Titania
0

Windows systems have the option to store passwords using reversible encryption. When enabled, passwords are stored in a form which can be easily decrypted by the system in order to obtain the users password. This is useful for protocols and applications that need to make use of the user passwords to authenticate against other systems. However, it also means that an attacker who has gained access to the encrypted passwords can, with a small amount of effort, decrypt them. This would then enable the attacker to gain unauthorized access to other systems.

Unless you have specific applications or legacy components that require the ability to access decrypted passwords, this option should be disabled.

Titania’s Free Risk Assessment Tool will spot if passwords are being stored with reversible encryption,  explain the risks in simple language, and give you relevant weblinks and references so that you can make sure your computer is secure and even more compliant with established security standards such as Cyber Essentials or ISO/IEC 27001.

To give you and your company even more peace of mind, enhancing your security above what’s available with your Free Risk Assessment Tool, you can download a FREE trial of Paws Studio from https://www.titania.com/products/free-trial/paws-studio

As well as giving you a complete picture of how your entire network of computers stores passwords, be that with reversible or non-reversible encryption, Paws Studio will find additional risks and operating system vulnerabilities across all of your Windows, Linux & Mac OS X workstations, servers, laptops and cloud systems. Examples include checking that anti-malware software is installed and up to date, computer screens are locking after a period of time, Windows and Microsoft product updates are being downloaded and installed correctly, and that a password policy is being enforced. To find out more visit the Paws Studio information page at https://www.titania.com/products/paws-studio

In our connected world, with more and more devices publicly available on the internet, security is paramount. Titania provides proactive, tailored security solutions to clients around the world, helping them to increase their operational efficiency, reduce their costs, and ensure they are compliant with the strictest security standards. Titania’s products are built for the most exacting of environments - our clients include the global banks, payment providers such as Visa and MasterCard, governments and law enforcement agencies.