diTii.com Digital News Hub

Sign up with your email address to be the first to know about latest news and more.

I agree to have my personal information transfered to MailChimp (more information)


Windows Single Sign-on Pron To Hackers

A mechanism used to support single sign-on in Windows-based systems could be used by hackers to cause damage across company systems, a UK security expert has warned.

Luke Jennings, a consultant at MWR InfoSecurity, will present a paper on the risk at next week’s DefCon conference in Las Vegas.

Secondary attacks on systems that use a single sign-on mechanism to log in users, such as Windows, are a growing trend, because a compromised PC can be used to easily access multiple systems.

Single sign-on enables end-users to access secure applications without having to remember several passwords. It is achieved in Windows using an access token. Once the user logs in to a Windows PC, applications that would previously require the user to log-in again only need to check the access token.

Jennings found that the use of a token could be a problem if a PC is compromised, as an attacker could use it to log into other machines and applications. This is particularly significant if the user is a system administrator with a high level of access to many systems.

Microsoft, Windows, Single sign-on, Security, Hack, Hacker, Intrusion

Source:? ComputerWeekly

Share This Story, Choose Your Platform!

Do NOT follow this link or you will be banned from the site!