[thelist] Double login to a Secure Intranet Problem

Rob Smith rob.smith at THERMON.com
Mon Nov 18 11:42:02 CST 2002


Hi List,

About a half a year ago our company released a secure extranet to all our
employees world wide, which would provide a dynamic information vehicle to
special groups. The only encryption used is Windows NT/Challenge Response.
The site is running on a Win NT box, IIS 4.0. The clients are supposed to be
using IE 5.1 or greater and nothing else.

When our users "logon" to the extranet, they're prompted to enter their NT
account info: username, password, and domain. If the users click, remember
my password, and click ok (to log on), they are prompted with a second
password box, and have to reenter their NT account info. How can I avoid the
second login?

Additional info: The powers that be absolutely refuse to configure each
users browser security settings. They absolutely refuse to pay the presumed
5-digit payment to authenticate to Verisign or whomever controls the
verified authentication stuff to make us an official "Trusted Site." In
addition to the "Trusted site" issue, we're getting the expected security
warnings upon opening docs such as *.doc, *.xls, etc. This is starting to
get on their nerves.

Thanks guys/gals/(other?),

Rob.Smith



More information about the thelist mailing list