Cached User credentials (no logon box) // Security issue???

I have a Windows 2003 Server setup in a workgroup
environment and when you try to access it from any
computer, it will ask you for a user name/password only
the 1st time. After that it caches the logon locally and
it will not ask you to authenticate every time. I want it
to ask for authentication every time.

I believe this is a security flaw because once you access
the server from one computer then anybody who sits down at
that computer could access that same server without having
to authenticate themselves.

How do you clear the cached credentials on a workstation
and how do you prevent the clients from caching
credentials?

That is not a security flaw, it is a training issue on your end. Instruct your users
to logoff when they are done using the computer. Then the next user will be denied
access to a resource unless they logon with or provide proper credentials. --- Steve


"Gilbert" <(E-Mail Removed)> wrote in message
news:278201c4a196$ad7ec830$(E-Mail Removed)...
>I have a Windows 2003 Server setup in a workgroup
> environment and when you try to access it from any
> computer, it will ask you for a user name/password only
> the 1st time. After that it caches the logon locally and
> it will not ask you to authenticate every time. I want it
> to ask for authentication every time.
>
> I believe this is a security flaw because once you access
> the server from one computer then anybody who sits down at
> that computer could access that same server without having
> to authenticate themselves.
>
> How do you clear the cached credentials on a workstation
> and how do you prevent the clients from caching
> credentials?
>
>