Solved

Advanced Computer Logon

Posted on 2006-11-06
10
168 Views
Last Modified: 2010-04-11
I'm looking for something real secure for logging on my PC.

I'd like something like a pin # required BEFORE the windows login screen can be accessed.

Even in safe mode would be extra helpful.
0
Comment
Question by:jqsolara
10 Comments
 
LVL 13

Expert Comment

by:prashsax
ID: 17885423
Why don't you configure BIOS password.
0
 

Author Comment

by:jqsolara
ID: 17885507
Because I'd like to utilize remote desktop connection from home.

However, I don't want people to get on my system at work if someone's there (i.e. log on to the domain we all use) via my computer.
0
 

Author Comment

by:jqsolara
ID: 17885510
Yeah, I was really happy to see someone surfing NFl sites on my system under their domain login when I remoted to it yesterday.
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 27

Expert Comment

by:David-Howard
ID: 17885547
Hey JGSolara,
You might give this a try. (Free and with a screenshot)
http://www.softforall.com/Utilities/SecurityEncryption/CompuSec_PC_Security_Suite09130085.htm
It uses pre-boot authentication, single-sign-on for windows Logon, full hard disk encryption,
encryption of floppy diskettes and other removable media.
This is shareware:
http://www.pcsoftland.com/utilities/encryption-tools/DCPP.htm
:-)
David
0
 
LVL 7

Expert Comment

by:instillmotion
ID: 17886051
Assuming you have windows XP:

Control Panel > Display > Screensaver Tab > On Resume Password Protect. Set the screensaver on.

It will lock your machine and only an administrator or yourself would be able to log you off. Unless they force restart the machine off course.

It's the equivalent of locking your machine rather than loggin off. If you're logged off, a domain user can logon, but if you lock the machine, they have to force you out, and only an administrator would be able to do it.
0
 
LVL 19

Expert Comment

by:CoccoBill
ID: 17889011
If we are talking bout a corporate environement, wouldn't it be the administration's task to deal with this kind of issues, if they are regarded as policy breaches? Tell your superior about this, if your workstation is for your personal use only, it shouldn't be a problem to remove logon rights from Domain Users. Installing software that alters/restricts logon rights on the computer, which I'm assuming is company property, can be a breach of policy.
0
 

Author Comment

by:jqsolara
ID: 17889854
Don't worry about company policy I have permission to do so but thanks for pointing that out for others.

And so far I've found http://www.dekart.com/   incase anyone here is looking
0
 
LVL 3

Expert Comment

by:MarkWYnne
ID: 17889937
In a managed domain environment CoccoBill is spot on.

Admin can specify which users can log on to what computers via their AD account. In a situation where users
have static desks... Computers users can log on to can be specified on the AD account tab. Otherwise anyone can log into anyone's computer. Also log on rights can be denied for certain users.



I used to use the auld "System not compliant. Do not use" note stuck to the screen. Again this may twist somebody's biscuit so be sure you are within company policy boundaries so not to get in hot water with IT.



0
 

Author Comment

by:jqsolara
ID: 17890357
I am the system administrator but I will probably end up changing the user policy for my system. It's just that my Predecessor has so much stuff I have to fix in group policies because it really is a mess.

This is why I was seeking some type of software to do this for myself. Sorry to not specify that this is indeed my system for work however I can do whatever I wish to do with this laptop.
0
 
LVL 19

Accepted Solution

by:
CoccoBill earned 500 total points
ID: 17890536
Personally I wouldn't bother with extra gimmicks, just add your domain account to the local Administrators group (or better yet Users, principle of least privilege), then remove Domain Users from the local Users group and Domain Admins from the local Administrators group if you want to make sure noone users your laptop. Since you have access to the group policy you could also create a custom policy for yourself where you specify the users with Log on locally privileges.

By the way, I assume you mean the Dekart secure Logon application? From what I understand from reading it, it basically just provides an alternate logon method to regular windows password authentication. That itself doesn't block other users out nor change their permissions on the laptop. Even if it did block their local logons, I doubt it'll stop other user accounts from logging over the network or through remote desktop.

0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Home wireless security 10 62
ActiveWorkbook.Save, with  no security message? 5 52
SonicWall NSA 3600, Geo-IP Filter & blocking sites 2 41
SOC, SIEM, IPS and FW 4 34
Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
February 24, 2017 — On February 23, Travis Ormandy, a vulnerability researcher at Google, reported on Twitter (https://twitter.com/taviso/status/834900838837411840) that massive stores of data have been leaked by CloudFlare, a company that provide…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question