Solved

Advanced Computer Logon

Posted on 2006-11-06
10
169 Views
Last Modified: 2010-04-11
I'm looking for something real secure for logging on my PC.

I'd like something like a pin # required BEFORE the windows login screen can be accessed.

Even in safe mode would be extra helpful.
0
Comment
Question by:jqsolara
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 13

Expert Comment

by:prashsax
ID: 17885423
Why don't you configure BIOS password.
0
 

Author Comment

by:jqsolara
ID: 17885507
Because I'd like to utilize remote desktop connection from home.

However, I don't want people to get on my system at work if someone's there (i.e. log on to the domain we all use) via my computer.
0
 

Author Comment

by:jqsolara
ID: 17885510
Yeah, I was really happy to see someone surfing NFl sites on my system under their domain login when I remoted to it yesterday.
0
Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

 
LVL 27

Expert Comment

by:David-Howard
ID: 17885547
Hey JGSolara,
You might give this a try. (Free and with a screenshot)
http://www.softforall.com/Utilities/SecurityEncryption/CompuSec_PC_Security_Suite09130085.htm
It uses pre-boot authentication, single-sign-on for windows Logon, full hard disk encryption,
encryption of floppy diskettes and other removable media.
This is shareware:
http://www.pcsoftland.com/utilities/encryption-tools/DCPP.htm
:-)
David
0
 
LVL 7

Expert Comment

by:instillmotion
ID: 17886051
Assuming you have windows XP:

Control Panel > Display > Screensaver Tab > On Resume Password Protect. Set the screensaver on.

It will lock your machine and only an administrator or yourself would be able to log you off. Unless they force restart the machine off course.

It's the equivalent of locking your machine rather than loggin off. If you're logged off, a domain user can logon, but if you lock the machine, they have to force you out, and only an administrator would be able to do it.
0
 
LVL 19

Expert Comment

by:CoccoBill
ID: 17889011
If we are talking bout a corporate environement, wouldn't it be the administration's task to deal with this kind of issues, if they are regarded as policy breaches? Tell your superior about this, if your workstation is for your personal use only, it shouldn't be a problem to remove logon rights from Domain Users. Installing software that alters/restricts logon rights on the computer, which I'm assuming is company property, can be a breach of policy.
0
 

Author Comment

by:jqsolara
ID: 17889854
Don't worry about company policy I have permission to do so but thanks for pointing that out for others.

And so far I've found http://www.dekart.com/   incase anyone here is looking
0
 
LVL 3

Expert Comment

by:MarkWYnne
ID: 17889937
In a managed domain environment CoccoBill is spot on.

Admin can specify which users can log on to what computers via their AD account. In a situation where users
have static desks... Computers users can log on to can be specified on the AD account tab. Otherwise anyone can log into anyone's computer. Also log on rights can be denied for certain users.



I used to use the auld "System not compliant. Do not use" note stuck to the screen. Again this may twist somebody's biscuit so be sure you are within company policy boundaries so not to get in hot water with IT.



0
 

Author Comment

by:jqsolara
ID: 17890357
I am the system administrator but I will probably end up changing the user policy for my system. It's just that my Predecessor has so much stuff I have to fix in group policies because it really is a mess.

This is why I was seeking some type of software to do this for myself. Sorry to not specify that this is indeed my system for work however I can do whatever I wish to do with this laptop.
0
 
LVL 19

Accepted Solution

by:
CoccoBill earned 500 total points
ID: 17890536
Personally I wouldn't bother with extra gimmicks, just add your domain account to the local Administrators group (or better yet Users, principle of least privilege), then remove Domain Users from the local Users group and Domain Admins from the local Administrators group if you want to make sure noone users your laptop. Since you have access to the group policy you could also create a custom policy for yourself where you specify the users with Log on locally privileges.

By the way, I assume you mean the Dekart secure Logon application? From what I understand from reading it, it basically just provides an alternate logon method to regular windows password authentication. That itself doesn't block other users out nor change their permissions on the laptop. Even if it did block their local logons, I doubt it'll stop other user accounts from logging over the network or through remote desktop.

0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Windows 10 Task Scheduler fears and concerns 8 64
Bitlocker request key after every windows update 11 103
Quick start reading for Windows sysinternals 5 81
Wannacry 44 101
Most MSPs worth their salt are already offering cybersecurity to their customers. But cybersecurity as a service is wide encompassing and can mean many things.  So where are MSPs falling in this spectrum?
Do you know what to look for when considering cloud computing? Should you hire someone or try to do it yourself? I'll be covering these questions and looking at the best options for you and your business.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question