COMMAND

    PPP (kernel)

SYSTEMS AFFECTED

    Win 2000

PROBLEM

    Blanton Lewis  found following.   He seem  to be  having  problems
    with win2k PPP  dialup scripting when  the "save password"  box is
    checked.  If  the script uses  the $PASSWORD variable  to pass the
    password during the login to the terminal server (in the  original
    sense of the word), it works the first time, but fails thereafter.

    This was discussed in the WUGNET Windows NT forum right after  W2K
    came out.  IF the remote  side uses PAP/CHAP, W2K will handle  the
    password correctly.  IF, however, the login sequence is  scripted,
    the saved password is always returned as 9 asterisks.

SOLUTION

    Microsoft said this  was not a  bug.  They  said that returning  a
    password to a  script violated their  security model.   Apparently
    the process that handles the  script is not a trusted  process and
    thus should not be trusted with a password.