Although some users will find it useful, one potentially dangerous feature of XP is its ability to cache username and password information associated with Web sites accessed via Internet Explorer. For example, on a system with multiple users sharing a single user account, a user might select the option to have XP remember the username and password used while logging on to a secure Web site, thus allowing other system users to potentially access it as well. While not a big issue for a news-related site, it’s easy to be a little more worried if it was your banking information others could get at.
The easiest solution to this problem is to set up a unique XP user account for each user, since this would cache usernames and passwords for each person individually. However, accessing this information would still be relatively simple for a user with administrator-level access. For this reason, password caching can be completely disabled, forcing a user to enter a complete username and password when visiting a secure site in Internet Explorer. To do so, fire up Regedit one more time and browse to HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\
Internet Settings. Creating a REG_DWORD value named DisablePasswordCaching and setting it to a value of 1 will force the current user to supply both a username and password on each visit to a secure Web site.