Use secure virtual memory
Path
Computer Configuration > Policies > Centrify Settings > Mac OS X Settings > Security & Privacy > Use secure virtual memory
Description
Prevent passwords from being recoverable from virtual memory.
Any time a password is entered, it is possible for system to write that password in a block of memory that it dumps to a file in /var/vm
, making the password recoverable.
Enabling this group policy ensures that the virtual memory /var/vm
files are encrypted, preventing any passwords written there from being recovered.
This policy can take effect dynamically at the next group policy refresh interval.