Store password using reversible encryption for all users in the domain

Computer Configuration\Windows Settings\Security Settings\Account Policies\Password Policy


Determines whether Windows 2000 Server, Windows 2000 Professional, and Windows XP Professional store passwords using reversible encryption.

This policy provides support for applications that use protocols that require knowledge of the user's password for authentication purposes. Storing passwords using reversible encryption is essentially the same as storing plaintext versions of the passwords. For this reason, this policy should never be enabled unless application requirements outweigh the need to protect password information.

This policy is required when using CHAP authentication through remote access or IAS services. It is also required when using Digest Authentication in Internet Information Services (IIS).

Default: Disabled.

For more information, see:

Security Configuration Manager Tools 

© 2017 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy & Cookies