Anyone know where I can get one of those decryption programs?

Doesn't VeSoft allow one to limit what LDEVs, IP addresses or other
connections a given user could have? That would at least keep someone
from decrypting my password, and just supplying it at another PC or from
a dial-in. It seems that there are measures that one can take to add to
remote access security to shore up said weaknesses.

>----------
>From:  Michael L Gueterman[SMTP:[log in to unmask]]
>Sent:  Wednesday, May 07, 1997 11:18 AM
>To:    [log in to unmask]
>Subject:       Re: [HP3000-L] Passing logon Info
>
>As far as I know, every time Microsoft has released an enhanced
>version of it's security covering the stored passwords, someone
>else has come along with a nifty little program to decrypt them.
>I'm sure they keep getting better and better, but I'm not willing
>to have my MPE passwords stored on the PC.  At least not yet :)
>
>Regards,
>Michael L Gueterman
>Easy Does It Technologies
>email: [log in to unmask]
>http://www.editcorp.com
>voice: (888) 858-EDIT -or- (509) 943-5108
>fax:   (509) 946-1170
>--
>
>
>----------
>From:  Lars Appel[SMTP:[log in to unmask]]
>Sent:  Wednesday, May 07, 1997 4:47 AM
>To:  [log in to unmask]
>Subject:  Re: [HP3000-L] Passing logon Info
>
><snip>
>
>This is because a "map network drive" establishes a TCP connection to the
>SMB server machine and passes username/password during the initial hand-
>shake for "session setup" (not talking about an MPE session here).
>
>You "just" have to add some routine to SMBD that writes out the username,
>password and PC nodename or IP address to some (hopefully pretty secured)
>database that could then be examined by your application program(s).
>
><snip>
>
>
>Lars.
>