Re: Webmail authentication

[<wbjw () mindspring com>]

Can you talk them into using two factor authentication mechanisms such as
SecureID/ACE or perhaps use PKI?  If portability is an issue, RSA has modules
that will allow you to dynamically and securely authenticate from anywhere
using SecureID and a ACE server.  You can also store digital certs on a token
from Rainbow or other (USB so no reader necessary) and use IIS's support of
PKI and certificate authentication/mapping to your NT accounts.

Passwords will always equal non secure.

Walt

On Wed, 18 Dec 2002 12:28:50 -0800 David Brown <David.Brown () synergex com>
wrote:

> My company is working on a webmail
> implementation, which requires that the user
> authenticate to an NT domain.  Regardless of
> the authentication method, there is always an
> option in the login dialog to 'Save this
> password in your password list', which seems to
> be browser driven.  I don't want my user
> population saving their passwords to various
> computers all over the world.  Does anyone have
> a clue how to remove or disable this option?
>
> David M. Brown
> Director, IT Services
> S Y N E R G E X
>
> Office: 916 853-0396
> Mobile: 916 718-6695
> FAX:    916 635-6549
>