Solved

Security and Password on Win98 SE

Posted on 2000-02-17
22
232 Views
Last Modified: 2013-12-28
How do you setup security in Win 98 so you password really works; when you click on Cancel it takes you right into the desktop with access to everything. I'm on a network that connects to an ISP in my building. When I power up I have to type in a password which it appears is more for the network than my desktop PC. What's the best way to set security on my desktop so just anyone can't come in, power up, and click on Cancel and they're in (in my PC I mean, not the network)
Thanks; appreciate your help
Joe Boyd
0
Comment
Question by:JoeBoyd
  • 7
  • 5
  • 2
  • +7
22 Comments
 
LVL 6

Expert Comment

by:1cell
ID: 2532301
unfortunately, windows is about the least secure operating system in the world! The steps you can take to do what you want are all pretty much able to be circumvented. Anyway, you can do what you want to do by adding another utility called policy editor.  In policy editor you can choose to "require user validation"
0
 

Author Comment

by:JoeBoyd
ID: 2532340
I think I saw that in one of the books I have.  It's a utility on the Win 98 CD that you have to add "manually", correct.  Am I right then about how password protecting my desktop PC in Win98 works - basically there is no password protection because all's you have to do is click on Cancel.  I'm  not missing anything then?  I never paid much attention to this before.  I always entered a password and click on OK, or I clicked on OK and then it wouldn't let you in.  I was taken aback when I clicked on Cancel though and it let you in.
0
 
LVL 6

Expert Comment

by:1cell
ID: 2532378
You are correct on all accounts.  Unfortunately, regardless of what you do, it is not going to be perfectly secure under Windows95/98.
0
 
LVL 7

Accepted Solution

by:
sorgie earned 30 total points
ID: 2532518
Choose display from control panel,Click screen saver make a selection, and click settings. check password protect and enter a password click OK (if you use a srn saver password now change to a new one). In explorer locate the the scr. file corresponding to your choosen screen saver, right drag it to your \Windows\Start Menu\Programs\Startup folder (you path may differ) and choose create shortcut here.

The next time you start Windows the screen saver will start and prompt you for a password.
0
 
LVL 6

Expert Comment

by:1cell
ID: 2532549
the only problem with that is the screen saver would only run AFTER the login.  it would not solve the problem with being able to cancel the login.

you could do this with the default profile but it would be easy to restart in safe mode, bypassing this and make changes in the screen saver time settings, allowing you to get to windows on the next boot.
0
 
LVL 3

Expert Comment

by:zombiwulf
ID: 2532552
What Sorgie has suggested may be enough for you, but be advised that you will still not have any real security, as all someone has to do is hold down the shift key while the desktop is loading and that will prevent the screensaver from loading.

As 1cell mentioned, the poledit setting is the one that controls access to the local PC.

Anyone can still boot to Safe Mode and access anything, they can boot to a floppy...

If you really want security, look at www.winfiles.com and you'll see several packages that purport to make the system more secure. Or you can use NT.

Or...you can set a bios password and disable booting from the floppy.
0
 

Author Comment

by:JoeBoyd
ID: 2532685
I tried sorgie's suggestion and I see waht 1cell means.  Windows boots up like normal, if you click on the Cancel button instead of putting in a password, and after the desktop comes up you almost instantly get the screen saver password dialog box. All this can be bypassed by going into Safe Mode? If I understand it correctly, the better security then would be using the Policy Editor - would you still be secure if you went into Safe Mode?  One of things were trying to do is keep the "honest" people honest so to speak, eg. keep the cleaning people from turning on the PC and using it or snooping around.  I understand about using a bootable floppy and how that can get around everything.  I also appreciate zombiwulf's input, especially on the website info.  Boy, I'm going to have a hard time dividing up the points once I get all the comments in and decide what to do.  Thanks everyone so much for your help;I really appreciate it!
SIDE NOTE:
I see where you can increase the points, but how can you divide them up among various people?
0
 
LVL 6

Expert Comment

by:1cell
ID: 2532720
just post questions for the people you want to award in the same topic area.
0
 
LVL 10

Expert Comment

by:tonnybrandt
ID: 2532733
To me JoeBoyds suggestion about the bios password and floppy disabling is the most secure way to go. If you're able to put a lock on the cabinet of your PC, it would be impossible to clear the bios with jumper or switch without leaving trace, that it has been messed around with. However this is maybe overdoing it ???.
0
 
LVL 5

Expert Comment

by:bchew
ID: 2532877
"In policy editor you can choose to "require user validation""

This is only valid if you are logging into an NT domain.

0
 

Author Comment

by:JoeBoyd
ID: 2532954
If you use the Policy Editor to "require user validation" can this be bypassed in Safe Mode?
0
Don't lose your head updating email signatures!

Do your end users still have the wrong email signature? Do email signature updates bore you or fill you with a sense of dread? You can make this a whole lot easier on yourself by trusting an Exclaimer email signature management solution. Over 50 million users do...so should you!

 
LVL 6

Expert Comment

by:1cell
ID: 2532993
no
0
 

Expert Comment

by:TheGMan143
ID: 2533342
THE BOTTOM LINE... Windows 95 and 98 security, of itself, is useless, or nearly so.  The shared features of the desktop carry over from profile to profile, and the Control Panel works in every profile.  The login is mainly for users to customize the desktop and SOME of the settings to thier liking, and will limit(not prevent) access to some shared items like mapped network drives.  To lock out a system, a hardware answer (as stated above) would be to put a BIOS password on the system, which locks out any type of boot-up until the correct password is entered.  The problem, also mentioned above, is that the PW can usually be cleared with a jumper.  Ultimate denial of access would be to put the unit into a locked room or at least a locked cabinet, to deny access to anyone who does not have a key.  An alternative method would be to use a multi-boot partitioning system like System Commander or PartitionMagic - which allows the drive to be broken up into several, distinct and separate operating partitions, which can usually be limited access to with a password.  Other options would be to install a hardware unit such as a removable drive bay, that several drives can be mounted into...the ultimate in limiting access to data, since he drive is physically removed from the system.  For a multi-user system with one partition, there are a couple programs on the market, such as FullArmor or Pretty Good Privacy that can limit access to selected functions with a password...and I believe programs are now being released from companies that produce programs like Net Nanny, CyberSitter, and NetCop, which do basically the same thing so parents can keep the kids out of areas like the Control Panel or thier checkbook or database programs.

Hope this helps a bit...if you want more info, post here, or visit my site at http://www.geocities.com/mgandzyk and email me.  
0
 
LVL 5

Expert Comment

by:bchew
ID: 2533385
And there is always Windows NT which provides about the same level of security as the other third-party solutions.

Bert
0
 
LVL 3

Expert Comment

by:Dassa
ID: 2534062
The best way to secure your system is to place a password in your CMOS setup so that a password has to be entered to bootup the system.  Anything you do with Windows can be defeated.  The CMOS password will make things a lot more difficult.  To enter the CMOS setup, while booting your computer, press the DEL key or other key combination for your particular system.  Within the CMOS setup screen you will see an option to enter passwords.  There are usually two.  One creates a need to enter a password to enter the CMOS setup and the other requires a password to boot the computer.
0
 
LVL 2

Expert Comment

by:craig_capel
ID: 2534685
Nope... Polledit can be made to force a Login without allowing them to esc out ouf it..... but you need a server like Novell or NT, to properly secure login access.... I think all options have been explorerd here... Polledit can be downloaded or if you have windows 95 cd, its on there.... if not try this site here to do what you need:

http://www.cadvision.com/redicks/security.htm   <<I hope this helps out
0
 

Expert Comment

by:thammond
ID: 2537592
What if you were to enable the BIOS password.  It is not Win98 but it is a lot more conspicuous if someone is taking apart your pc to disconnect the battery....
0
 
LVL 2

Expert Comment

by:craig_capel
ID: 2538196
but how old is the Bios and what make?

if you password protect it then try this if its an AWARD bios: AWARD_SW

if you password protect it then try this if its an AMI bios:
AMI

If those do not let you into your Bios.... then yeah its safe enough to use......

Other Bioses like Phenoix etc, are less known...


So you may have to find another option?
0
 
LVL 6

Expert Comment

by:1cell
ID: 2538909
there's a million BIOS passord bypassers/crackers out there.  Just ask jeeves
0
 

Author Comment

by:JoeBoyd
ID: 2550088
Thanks sorgie.  You were the first with a relatively simple answer that will solve the situation I have.  I realize there are other and better security options (such as the first comment from 1cell, which by the way I would like to give some points to but am not real sure how to do that.  1Cell, you told me in a comment that I could just post a question to a person for them to answer.  Please explain a little more; I apologize.  I think I'm going to have to learn this site a little better.).  But, yours gave me a quick and easy answer.  All's I need for right now is to keep out people like the cleaning people would might want to turn on the computer just to play with it or see what's on it.  This solution will do the trick.  It'll keep the novice or curious person out.   Thanks again,
Joe Boyd
By the way, my email is joe@lightstreamcomputing.com
0
 
LVL 6

Expert Comment

by:1cell
ID: 2551003
If you want to award multiple people points for one question, simply post questions for the other people in the same topic area for the amount of points you want to award.  If this were my question and I wanted to award sorgie and JoeBoyd, I would accept the most helpful as the answer(Sorgie) and then post another question in this topic like "for JoeBoyd" with the respective amount of points awarded.
0
 

Author Comment

by:JoeBoyd
ID: 2551463
Thanks 1Cell for the information.  I'm going to go do that right now.
Joe Boyd
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
In this article, I will show you HOW TO: Perform a Physical to Virtual (P2V) Conversion the easy way from a computer backup (image).
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now