![]() Each saved hash is stored in the NL$x parameter (where x is a cached data index). If the Active Directory domain is not available, Windows checks if the entered username and password match the local cache and allows local logon to the computer.Ĭached credentials are stored in the registry under the reg key HKEY_LOCAL_MACHINE\Security\Cache ( %systemroot%\System32\config\SECURITY). If the user password in AD has been changed after the last logon to the computer and the computer has been offline (without access to the domain network), the user will be able to login computer with the old password. If the domain password policy forces a user change the password, the saved password in the local cache won’t change until the user logs on with a new password. ![]() ![]() User password in cashed credentials never expires. Security Risks of Cached Windows CredentialsĬaching Domain User Credentials on WindowsĬached credentials may be used to logon to Windows if a user has authenticated on this computer at least once and their domain password has not been changed since then.Configuring Cached Credentials with Group Policy.Caching Domain User Credentials on Windows.
0 Comments
Leave a Reply. |