>
> Considering how frequently most people tend to reuse passwords, this is
> a pretty strong statement. Since Microsoft states that the folder
> password is "not related in any way to the user's network logon
> password" with such confidence, that would seem to imply a mechanism
> that prohibits password reuse when establishing the folder compression
> password. Is that the case, or does this statement merely promote a
> false sense of security?
>
It doesn't imply anything of the sort. It is a simple statement that from a
technical perspective, the compression password is not related to the
network password. The distinction is being made in comparison to
technologies like EFS ( which by default IS tied to the username/pwd when a
CA is not available ).
What would you have them say? "... the folder password is not related in any
way to the user's network logon, unless of course they use the same
password, which technically would still be unrelated, but stupid. It is
also not related to the users' ATM PIN number, unless of course they use
their PIN as their password which would again be unrelated, but even more
stupid."
If we made them go to this level of The Obvious when publishing these, then
they would read more like a Douglass Adams book than a security bulletin.
---------------------------------
Attonbitus Deus
[EMAIL PROTECTED]
