Hi,
I've realized that one can login to a machine that is joined to the domain and extract all the passwords in clear text using some tool(the users that once logged to the machine).
I thought windows passwords are encrypted such that no one can extract to clear text, i have checked the accounts to ensure reversible encryption is not enabled.
How can i protect myself from this.
Meshack