Microsoft LAPS: Honest Obituary or False Eulogy to the Death of Passwords?
The famous Latin phrase De mortuis nil nisi bonum (Of the dead, nothing unless good) came to mind last week when Microsoft announced the release of LAPS (Local Administrator Password Solution). Microsoft has been predicting the demise of passwords for over a decade.
Way back in 2004, Microsoft's Chairman, Bill Gates predicted the death of passwords and again in 2006, he claimed that the end to passwords was at sight. And today, Microsoft releases a solution for password management, though only to manage local administrator accounts. Perhaps, by releasing LAPS now, Microsoft is paying an honest obituary. Or, is it a false eulogy?
All kidding aside, managing local administrator passwords is a contentious issue in IT teams and it is rather heartening to see Microsoft releasing a solution, belatedly though. In this aspect, ManageEngine has been years ahead of Microsoft; we brought in this feature in Password Manager Pro almost 9 years ago, exactly when Microsoft predicted that the end to passwords was at sight.
In unstructured or not-so-structured IT environments, the classic dilemma of an admin is whether to enable local admin accounts when provisioning workstations. If the local admin accounts are disabled, the vital option to get into the system when it fails to connect to the domain controller for some reason is lost.
However, enabling a local administrator account comes with a host of security issues:

- IT admins lose centralized control over the assets – end users tend to install software applications of their choice,bypass security controls like virus scans, reconfigure firewall settings, or even postpone vital security updates.
- If the local administrator passwords are weak, left unchanged, or the same password is used on multiple accounts, malicious users could gain unauthorized access to workstations.
- In the worst-case scenario, an attacker with access to a local admin account could disperse widely,navigate across the network, and could even elevate privileges to that of a domain administrator.
BalaPassword Manager Pro – Quick Video | Free Trial Download | White Papers | Success Stories
Comments