Configuring Token Cache for Basic Authentication (IIS 6.0)
Basic authentication stores user tokens in a token cache. If you log on using Basic authentication with an account that has a high level of user logon rights, a successful attacker could use the account to gain access to the resources on your computer. There are several ways to minimize this threat:
Before you edit the registry, make sure you understand how to restore it if a problem occurs. For information about how to restore the registry, see the "Restoring the Registry" and the "Restoring a Registry Key" topics in Registry Editor Help.
Using Registry Editor incorrectly can cause serious problems that require reinstalling the operating system. Because Registry Editor bypasses the standard safeguards that prevent you from entering settings that are conflicting or likely to degrade performance or damage your system, exercise caution when making changes to the registry. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. For information about how to edit the registry, see "Changing Keys and Values" in Registry Editor Help.
Note that you should back up the registry before you edit it. If you are running Microsoft® Windows NT® Server or newer server operating system from Microsoft, you should also update your Emergency Repair Disk (ERD).
For information about how to edit the registry, see the "Changing Keys and Values", "Add and Delete Information in the Registry", and "Edit Registry Data" topics in Registry Editor Help.
You must be a member of the Administrators group on the local computer to run scripts and executables. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run your script or executable as an administrator. At a command prompt, type runas /profile /User:MyComputer\Administrator cmd to open a command window with administrator rights and then type cscript.exeScriptName (include the script's full path and any parameters).
To configure token caching