Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Advanced Computer Logon

Posted on 2006-11-06
10
Medium Priority
?
172 Views
Last Modified: 2010-04-11
I'm looking for something real secure for logging on my PC.

I'd like something like a pin # required BEFORE the windows login screen can be accessed.

Even in safe mode would be extra helpful.
0
Comment
Question by:jqsolara
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
10 Comments
 
LVL 13

Expert Comment

by:prashsax
ID: 17885423
Why don't you configure BIOS password.
0
 

Author Comment

by:jqsolara
ID: 17885507
Because I'd like to utilize remote desktop connection from home.

However, I don't want people to get on my system at work if someone's there (i.e. log on to the domain we all use) via my computer.
0
 

Author Comment

by:jqsolara
ID: 17885510
Yeah, I was really happy to see someone surfing NFl sites on my system under their domain login when I remoted to it yesterday.
0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 27

Expert Comment

by:David-Howard
ID: 17885547
Hey JGSolara,
You might give this a try. (Free and with a screenshot)
http://www.softforall.com/Utilities/SecurityEncryption/CompuSec_PC_Security_Suite09130085.htm
It uses pre-boot authentication, single-sign-on for windows Logon, full hard disk encryption,
encryption of floppy diskettes and other removable media.
This is shareware:
http://www.pcsoftland.com/utilities/encryption-tools/DCPP.htm
:-)
David
0
 
LVL 7

Expert Comment

by:instillmotion
ID: 17886051
Assuming you have windows XP:

Control Panel > Display > Screensaver Tab > On Resume Password Protect. Set the screensaver on.

It will lock your machine and only an administrator or yourself would be able to log you off. Unless they force restart the machine off course.

It's the equivalent of locking your machine rather than loggin off. If you're logged off, a domain user can logon, but if you lock the machine, they have to force you out, and only an administrator would be able to do it.
0
 
LVL 19

Expert Comment

by:CoccoBill
ID: 17889011
If we are talking bout a corporate environement, wouldn't it be the administration's task to deal with this kind of issues, if they are regarded as policy breaches? Tell your superior about this, if your workstation is for your personal use only, it shouldn't be a problem to remove logon rights from Domain Users. Installing software that alters/restricts logon rights on the computer, which I'm assuming is company property, can be a breach of policy.
0
 

Author Comment

by:jqsolara
ID: 17889854
Don't worry about company policy I have permission to do so but thanks for pointing that out for others.

And so far I've found http://www.dekart.com/   incase anyone here is looking
0
 
LVL 3

Expert Comment

by:MarkWYnne
ID: 17889937
In a managed domain environment CoccoBill is spot on.

Admin can specify which users can log on to what computers via their AD account. In a situation where users
have static desks... Computers users can log on to can be specified on the AD account tab. Otherwise anyone can log into anyone's computer. Also log on rights can be denied for certain users.



I used to use the auld "System not compliant. Do not use" note stuck to the screen. Again this may twist somebody's biscuit so be sure you are within company policy boundaries so not to get in hot water with IT.



0
 

Author Comment

by:jqsolara
ID: 17890357
I am the system administrator but I will probably end up changing the user policy for my system. It's just that my Predecessor has so much stuff I have to fix in group policies because it really is a mess.

This is why I was seeking some type of software to do this for myself. Sorry to not specify that this is indeed my system for work however I can do whatever I wish to do with this laptop.
0
 
LVL 19

Accepted Solution

by:
CoccoBill earned 2000 total points
ID: 17890536
Personally I wouldn't bother with extra gimmicks, just add your domain account to the local Administrators group (or better yet Users, principle of least privilege), then remove Domain Users from the local Users group and Domain Admins from the local Administrators group if you want to make sure noone users your laptop. Since you have access to the group policy you could also create a custom policy for yourself where you specify the users with Log on locally privileges.

By the way, I assume you mean the Dekart secure Logon application? From what I understand from reading it, it basically just provides an alternate logon method to regular windows password authentication. That itself doesn't block other users out nor change their permissions on the laptop. Even if it did block their local logons, I doubt it'll stop other user accounts from logging over the network or through remote desktop.

0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Check out the latest tech news, community articles, and expert highlights in August's newsletter.
If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question