Solved

Outlook 2003 Cached Mode - Password on Open

Posted on 2006-11-11
19
422 Views
Last Modified: 2008-02-01
Hello. I have a remote Outlook 2003 laptop running in Cached Exchange Mode connecting to an Exchange 2003 Enterprise Server through a VPN tunnel. I need Outlook to prompt for login credentials when it opens, not while checking for new messages. This person has very sensitive e-mail in his folders which anyone will have access to if they cancel the login screen that pops up by checking the box to always prompt for user name & password. Is there any way to password protect these offline files?? Any help would be appreciated. Thanks in advance.

Jon
0
Comment
Question by:Jon DeVito
  • 10
  • 4
  • 2
  • +1
19 Comments
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 75 total points
Comment Utility
While you can make Outlook prompt for a username and password when it starts, that is only if it is connecting to the Exchange server. I am not aware of a way that you can get Outlook to prompt for a password when it is started.
My personal opinion is that the machine should protecting the files. If someone has access to the machine then it is game over anyway. With physical access to the machine I can get in to it in less than 2 minutes.

You need to protect the machine rather than the application.

Simon.
0
 
LVL 3

Author Comment

by:Jon DeVito
Comment Utility
I agree in theory, but I'm trying to hide the data from the casual observer, not the tech people.
0
 
LVL 3

Author Comment

by:Jon DeVito
Comment Utility
PS - I am using a Dell Latitude D820 with a Biometric Fingerprint Reader using Wave Embassy Security Center. If I can use my fingerprint to login to my Cached Exchange I will double the points.
0
 
LVL 104

Expert Comment

by:Sembee
Comment Utility
If a casual observer gets access to the machine, then you have the same problem.
If the machine contains data that is that sensitive then the user needs to be trained to lock the machine when they walk away or take the machine with them. You can change the screensaver timeout to one minute so that it locks very quickly if the machine is abandoned.

Outlook has been designed that the machine provides the protection, not the application.

Simon.
0
 
LVL 3

Author Comment

by:Jon DeVito
Comment Utility
Understood & agreed but that is not always practical & I can't take the chance with that. I would expect that by now with the Bio reader you could get a piece of software that will allow certain exe's to run only if the Bio reader is used. I don't see the option for that with the software that came with this laptop but I would be willing to try another software if it worked that way.

Thanks.
Jon
0
 
LVL 104

Expert Comment

by:Sembee
Comment Utility
You may want to put a pointer in the Outlook topic area then, because as far as I am aware it cannot be done.

A bio scanner is just another mechanism for entering a password. It requires application support that protects the file to send a request for authentication which the bio scanner can then fulfil.

Simon.
0
 
LVL 3

Author Comment

by:Jon DeVito
Comment Utility
Thanks a lot for the help Simon. I will try the Outlook area but I'm not quite sure how to put a pointer though. Do I have to open a new thread in the Outlook topic area just with a link to this thread or is there a better way to do it?

Thanks again.
Jon
0
 
LVL 104

Expert Comment

by:Sembee
Comment Utility
Pointers are just new questions with minimum value points (20) and a link to the original question.

Simon.
0
 
LVL 3

Author Comment

by:Jon DeVito
Comment Utility
Thanks a lot Simon. I just created the pointer in the Outlook area. Thanks again.

Jon
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 26

Assisted Solution

by:Vahik
Vahik earned 75 total points
Comment Utility
http://pgp.com

the latest version of PGP desktop offers folder\file and disk\volume encryption...
0
 
LVL 3

Author Comment

by:Jon DeVito
Comment Utility
Thanks Vahik, I'm looking at all of the PGP products & although they will encrypt the disk it doesn't look like they will secure my Outlook in Cached Exchange Mode. I have never used any software like this so I don't know if I'm looking at this wrong but I need to be able to walk away from a logged in laptop & have Outlook prompt me for a password when run preferably using my built in fingerprint reader. Can the PGP software do that?

Thanks.
Jon
0
 
LVL 26

Expert Comment

by:Vahik
Comment Utility
PGP can encrypt ur outlook folder where outlook PST OST resides....once it is encrypted it servers two purpose...
1- to access outlook you must provide password(actually it is a passphrase)....
2- if laptop is stollen noone can access those encrypted files and folders(even if they access the drive by removing it adding it as a second drive on another machine) unless they come up with passphrase....not possible according to PGP....


but once passphrase is provided it will not be required unless a reboot or unless user is logged off....


i am not sure about biometrics but i know PGP works with smart cards and tokens...
0
 
LVL 3

Author Comment

by:Jon DeVito
Comment Utility
Thanks for the info, still not quite what I'm looking for though because the user would have to log off or lock the computer every time he walked away. I need the protection to be on Outlook or the offline data file so that it prompts for a password every single time the program is launched. Thanks again for the info on the program though.

Jon
0
 
LVL 9

Accepted Solution

by:
robjeeves earned 100 total points
Comment Utility
G'day mate, couple of ideas?

Windows Key + L to lock the screen and somthing like this

http://program-protector.blumentals-software.qarchive.org/

I've not used that software and there seems to be a few of them around if you have a google?

Any good to you?

Rob
0
 
LVL 9

Expert Comment

by:robjeeves
Comment Utility
G'day

I had another brainwave :)  This might not work but I'll share it with you anyway.  Seeing as it's a laptop is it only one user who uses it?  If so how about

Make a new user on the laptop
Change the NTFS permission on the Outlook Executable to only allow 'the new user access'
You then create a batch file using the runas command and run the Outlook.exe executable.
In this mini-batch file you specify the Username but don't include the password, So the user gets a command window asking for a password

This is a bit of an ugly way to do it but it might work?  Not sure how outlook will handle opening as the new user, ie will it open the correct profile etc but why not give it a go.  It might just work :-)

Rob
0
 
LVL 3

Author Comment

by:Jon DeVito
Comment Utility
Hi Rob, sorry I was away for a few days on business but I am definitely going to try that last one. Great idea if it works. Even if it's ugly, I just need it to work. I'll let you know the minute I can get back to that laptop. Most likely flying back in tomorrow. Thanks again for the idea.

Jon
0
 
LVL 3

Author Comment

by:Jon DeVito
Comment Utility
Hi Rob. I keep getting Directory name is invalid pointing to my Outlook.exe when using the RunAs. Any idea why?

Thanks again for the help.
Jon
0
 
LVL 3

Author Comment

by:Jon DeVito
Comment Utility
No objections from me. I wish I could have found a solution but thanks for trying everyone.

Jon
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Suggested Solutions

Check out this infographic on what you need to make a good email signature that will work perfectly for your organization.
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
In this video we show how to create a Shared Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Sha…
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now