Hide user info on Computer Locked window

  • Thread starter Thread starter VinceV
  • Start date Start date
V

VinceV

Maybe I'm just a bit paranoid but I don't think that the information about
the user who locked the computer (via ctrl-alt-del or windows key-l) should
be displayed in the status window. Is there any way to remove the
information about the locking user?

That user information is half of what a malicious person needs to gain
access to the PC (or worse, network resources if that person is an admin)

VinceV
 
Anyone with physical access to the machine already has
the ability to get usernames by snooping on the disk,
installing a new instance of the OS, on and on and on.

If you're worried about something on the display, you
need to be more worried about the physical security of
the system.
 
Right, and I reiterate my point. If those people with no
legitimate business on the system have physical access to
the machine, they can already do things to get a list of
usernames with profiles on the system, for example.

What prevents those people from simply booting off
another OS CD or a floppy and checking the directory
structure and/or files for usernames? They can even copy
unencrypted files off the machine.

If you give me 10 minutes (or less really) and physical
access to a machine with unencrypted data, I'll find at
least one username that has logged into the system...all
without ever "logging on" or looking at the locked
display.

If they don't have physical access to the machine, how
are they seeing the locked message?
 
So what you are saying is that you do not know how to remove the username
from the computer locked dialog box?
Right, and I reiterate my point. If those people with no
legitimate business on the system have physical access to
the machine, they can already do things to get a list of
usernames with profiles on the system, for example.
Click to expand...

That's true, but they also have to physically change the system (i.e. reboot
with a cd, floppy, etc) which should trigger a response from the person who
locked the computer. With the name sitting there staring them in the face
its simply a grab and dash.
What prevents those people from simply booting off
another OS CD or a floppy and checking the directory
structure and/or files for usernames? They can even copy
unencrypted files off the machine.
Click to expand...

That is true of any computer system. Time on scene is an issue though. The
more time they spend at the machine the bigger the risk of discovery
becomes.
If you give me 10 minutes (or less really) and physical
access to a machine with unencrypted data, I'll find at
least one username that has logged into the system...all
without ever "logging on" or looking at the locked
display.
Click to expand...

Vs. a 10 second look at the locked screen message? There is more risk of
discovery with your method.

A security feature shouldn't divulge any information.

VinceV
 
Back
Top