My Experiment

  • I set up a simple network with two computers, both on the same work group.
  • I created a local user 'A' with password 'A' on Computer 1.
  • And then I created an identically named local user 'A' with identical password 'A' on Computer 2.

My Observation

  • What I notice is that when I'm logged in as 'A' on Computer 2, I am allowed network access as 'A' on Computer 1, e.g., when browsing 'A' shared folders.

My Thoughts

  • This is ironic as even though they are identical in name, they are actually two different local users on two different computers!
  • This to me can be a security hazard. What if coincidentally (or maliciously) a person has the same username and password on Computer 2 and thus is incorrectly given access to Computer 1?

My Question:

  • What is this sharing of username and password called?
  • How do we enable/disable this sharing of identical local usernames and passwords between two computers?

I've also realized that this works during DCOM calls as well.

1 Answer

So, you're being prompted for credentials, and you have the same user name and password on both workstations?

This isn't a case of Windows allowing another computer to access its own (aka security hole). When you type in the credentials it's authenticating it against its own local account. So, if you're trying to login to WorkstationB for example to view files, and when prompted for credentials you enter:

UserA
*********

And login, that's okay because Windows sees

WorkstationB\UserA
*********

So, try logging in with

WorkstationA\UserA
*********

and see if you make it in. This tells Windows to authenticate you against WorkstationA's account store instead of its own.

MDMoore313
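One way to see, on Computer 1, when a local account such as 'A' is used over the network from another machine, as in the question (an added example, not part of the original post or answer). It filters Windows Security event 4624 (successful logon) records exported as XML; the sample events and the names COMPUTER1, COMPUTER2 and CORP are constructed, and treating "TargetDomainName equals the computer's own name" as the marker of a local account is an assumption of this example.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}


def _event(computer, user, domain, logon_type, package, workstation):
    """Build a constructed, minimal 4624 record (sample data, not a real log)."""
    data = {"TargetUserName": user, "TargetDomainName": domain,
            "LogonType": logon_type, "AuthenticationPackageName": package,
            "WorkstationName": workstation}
    fields = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in data.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>4624</EventID>'
            f'<Computer>{computer}</Computer></System>'
            f'<EventData>{fields}</EventData></Event>')


# Constructed sample: one remote use of local account A, one console logon,
# one network logon by a domain account.
SAMPLE_EVENTS = [
    _event("COMPUTER1", "A", "COMPUTER1", 3, "NTLM", "COMPUTER2"),
    _event("COMPUTER1", "A", "COMPUTER1", 2, "Negotiate", "COMPUTER1"),
    _event("COMPUTER1", "svc", "CORP", 3, "Kerberos", "-"),
]


def local_account_network_logons(xml_events):
    """Return (user, source workstation, auth package) for each network logon
    (LogonType 3) to a local account that came from a different machine."""
    hits = []
    for raw in xml_events:
        root = ET.fromstring(raw)
        if root.findtext("e:System/e:EventID", namespaces=NS) != "4624":
            continue
        computer = root.findtext("e:System/e:Computer", default="", namespaces=NS)
        host = computer.split(".")[0].upper()
        d = {n.get("Name"): (n.text or "")
             for n in root.iterfind("e:EventData/e:Data", NS)}
        is_network = d.get("LogonType") == "3"
        # Assumption: a local account is logged with the machine's own name.
        is_local_account = d.get("TargetDomainName", "").upper() == host
        source = d.get("WorkstationName", "")
        from_remote = source.upper() not in ("", "-", host)
        if is_network and is_local_account and from_remote:
            hits.append((d.get("TargetUserName", ""), source,
                         d.get("AuthenticationPackageName", "")))
    return hits


if __name__ == "__main__":
    for user, source, package in local_account_network_logons(SAMPLE_EVENTS):
        print(f"local account {user!r} used over the network from {source} via {package}")
```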