Interesting Security "Flaw" I Found...
Posted: Fri Oct 24, 2008 10:05 am
The solution is as obvious as daylight, but here's what happens (at least for me on Windows Vista Business SP1): I was going to log onto my laptop this morning before I went to class, but I didn't. I did, however, type my password in its entirety. The computer was sitting at the logon screen because it had been restarted to install updates. I closed the lid, took the machine with me to class and opened it again. My password was still there, so anyone who had physical possession of the machine could have logged in without knowing my password had they pressed [ENTER].
Obviously, you shouldn't type your password and then not logon, but in the even that you do you could compromise your machine's security. I will bet money this screws over some stupid person either in corporate or government and results in a data breach.
Obviously, you shouldn't type your password and then not logon, but in the even that you do you could compromise your machine's security. I will bet money this screws over some stupid person either in corporate or government and results in a data breach.