[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now


Regularly Removing PEAP Authentication, is it safe?

Posted on 2007-11-27
Medium Priority
Last Modified: 2013-11-09
We're using Windows XP SP 2 Dell Latitudes to connect to a Cisco wireless network just configured at our site.

PEAP Authentication is configured and working properly.  However, according to KB 823731 from Microsoft, the following is true:

When you successfully log on to a network that uses PEAP authentication, your credentials are automatically stored in the computer for re-use. For example, when you shut down and then restart your computer, you are automatically logged on to the wireless network. There is no option that you can configure in Windows XP to prevent the operating system from storing your credentials.

The problem we are experiencing is that this automatic re-login to the Cisco Wireless Network during startup is making the computer freeze for a few minutes at "Preparing Network Connections".  Right now, we have a GP that forces the computer to wait for network before showing the login screen so that all required group policies are applied properly, changing this is not an option.

So, according to this same article, you can use a registry modification to remove the cached credentials...my question is this:

Is it safe to set up a computer logoff script that purges the PEAP cached credentials every time the computer shuts down so that when it boots up, it's unable to log in automatically?  If I do this, will it harm the computer? (i.e. not be able to boot past preparing network connections at all b/c it wants credentials that aren't there)?

I get this feeling that continual modification of the registry is not a clean way to make this work.  Is there any other workaround?

Question by:kaos_theory
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
LVL 18

Accepted Solution

Johnjces earned 2000 total points
ID: 20366215
Having reviewed this question on several occasions, and having come back to it, I can respond to only one aspect of your question and that would be regarding the deletion of registry keys which apparently hold your PEAP cached credentials. Am I correct in assuming this?

If so and you can write a script to delete those registry key entries such will not harm the registry or your computer in any way.

Many programs read, write and delete reg keys all the time with no ill effects. That was one of the intents on having a registry database such as this.

Also, it would seem to me that if a new PC was joined to your WLAN, it would have no cahced credentials anywhere. Therefore, it should join up as should any other PC whose credentials had been cleared. It would be as if it was a new PC being hooked up for the first time.

Try it on one PC and see what happens? Should be easy to repair if it fails? (question)

LVL 18

Expert Comment

ID: 20501395
Did any of this help you? Did you try it?


Author Comment

ID: 20654924
hold on i will have an answer for you sorry for the delay

Author Comment

ID: 20664823
Thanks for everyone's input, we decided to allow authentication without users entering credentials, which negated the need for removing the PEAP registry entries each time they log off.  

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Need WiFi? Often, there are perfectly good networks that don't have WiFi capability - and there's a need to add it.  - Perhaps you have an Ethernet port into a network but no WiFi nearby. - Perhaps you have a powerline extender and no WiFi at the…
Multi-source agreements are important because they set standards that all manufacturers should follow to ensure that devices are compatible with multiple vendors. The multi-source agreement (MSA) is an agreement that establishes how multiple vendors…
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question