W2K Pro password files

Archived from groups: microsoft.public.win2000.security (More info?)

They [password hash] are in the system folder and by default already locked
down in that regular users can not access [sam file] them and delete them
from within the operating system. Anyone who has physical access to your
computer could possibly obtain your user passwords, so physical security is
paramount to protecting passwords. Also never use the Internet Explorer save
password option or use your user password for anything else such as for you
email account. You can further strengthen the security of your passwords my
making them at least ten random characters long and using four characters
such as upper and lower case, numeric, and other keyboard characters OR use
pass phrases of at least 20 characters in length such as I forget my 2stupid
password leaving the spaces in the passphrase. In my opinion writing down a
strong password or pass phrase is fine as long as it is not available to
others. In addition see the link below on how to disable storage of lm
hashes on your computer which will require you to change your password to
make it take effect. --- Steve

http://support.microsoft.com/defau [...] S;q299656& --- this
may prevent Windows 98 computers from accessing a share on your computer.

"ralphnac" <ralphnac@discussions.microsoft.com> wrote in message
news:082009E7-B3F1-42D3-8460-E35FDA026068@microsoft.com...
> What are the names of all files associated with the password process,
> i.e.,
> creation, storage, encryption, etc.? I need to know which ones to
> lockdown
> and protect.