Security, Password Protected Computer

  • Thread starter Thread starter John Persico
  • Start date Start date
J

John Persico

Forgive me for my lack of knowledge on this issue, but...

How secure is an XP Home Edition machine that has one user
with forced login and password protection (meaning, turning
the computer on sends it to the login screen, there's only
one account, and it's password protected).

By secure, I mean, can anyone access that computer other
than the user who knows the password? Can anyone else read,
access, copy, or otherwise alter files on the machine? I
guess I'm wondering if there's some backdoor way that
someone could get into my machine (say, through a command
line interface or something), by bypassing the XP login.
Essentially, I want to be the only one who can use my
computer (or see anything on it).
 
XP has built-in hidden Administrator account ,visible in Safe Mode only .
You need to get into Safe Mode and also password protect it.

Noone can access your account if the PC is at home,I think you understand...

All these programs,mentioned by Mr.Broom are more or less illegal.


Panda_man
" Let's beat malware black and blue "
" No new epidemics of all kind of malware -> Panda TruPrevent "
 
Very few if any of the programs are illegal.They are all legitimate tools
intended to be used by pros. Any illicit use falls solely on the user.

--
Larry Samuels Associate Expert
MS-MVP (2001-2005)
Unofficial FAQ for Windows Server 2003 at
http://pelos.us/SERVER.htm
Expert Zone-
 
What's the best way to password-protect the administrator
account?
If someone boots your computer in Safe Mode and the
administrator account is password protected, can they view
files on the machine (if they don't have any of the programs
you mentioned)?
 
John said:
Forgive me for my lack of knowledge on this issue, but...

How secure is an XP Home Edition machine that has one user
with forced login and password protection (meaning, turning
the computer on sends it to the login screen, there's only
one account, and it's password protected).

By secure, I mean, can anyone access that computer other
than the user who knows the password? Can anyone else read,
access, copy, or otherwise alter files on the machine? I
guess I'm wondering if there's some backdoor way that
someone could get into my machine (say, through a command
line interface or something), by bypassing the XP login.
Essentially, I want to be the only one who can use my
computer (or see anything on it).
Click to expand...

As the other OPs have stated if other people have physical access to
your machine there are ways and means (Bootable CDs, Linux diskettes
etc) that will enable people to remove the passwords used.

If you want people not to be able to see your data then use some form
of encryption such as the NTFS encryption built into XP, BUT, and a
very BIG BUT, remember to create a Recovery Agent and back up your
encryption keys and certificates to some form of external storage
because if you loose your keys your data is gone for good.

For more details on XP encryption methods enter XP encryption in the
search bar at http://support.microsoft.com/search/default.aspx
 
John said:
What's the best way to password-protect the administrator
account?
Click to expand...


Set a strong password for it. In other words, use at least 8
characters, and make those characters a mixture of upper and lower case
letters, numbers, and special characters, such as *, $, _, !, @, or #.
Do *NOT* use easily guessed names, dates, etc.


If someone boots your computer in Safe Mode and the
administrator account is password protected, can they view
files on the machine (if they don't have any of the programs
you mentioned)?
Click to expand...


Not unless he/she knows the password for the built-in Administrator
account.


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
 
John said:
Can you encrypt an entire drive?
No.

Do you unencrypt every time you use the computer?
Click to expand...


No. The OS access the encrypted files seamlessly, if the logged in
user has permission to access the encrypted files. The
"decryption/encryption" process occurs in the background and is
virtually (there may be a very slight performance hit) invisible to the
authorized user.

Do new files get encrypted automatically?
Click to expand...


No. Only those files/folders that the user designates get encrypted.

Are there any printed materials that give the full scoop on
XP encryption?
Click to expand...

Best Practices for Encrypting File System
http://support.microsoft.com/default.aspx?scid=kb;en-us;223316

Bear in mind, before proceeding, that EFS is not to be used lightly.
Should something go wrong with the PC that requires you to reinstall the
OS, and if the your encryption certificates and keys were not backed up
before the reinstallation, and the workstation isn't part of a domain,
those files are gone, for all practical purposes. Encryption works well
and there is no "back door" or hack to access the files. (Wouldn't be
much point to EFS if it were vulnerable.)


--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
 
Absolutely. If someone has physical access to your PC and the correct tools,
all bets are off on security.
Why do you think servers are locked in closets or server rooms and only the
SysAdmins have keys?

--
Larry Samuels Associate Expert
MS-MVP (2001-2005)
Unofficial FAQ for Windows Server 2003 at
http://pelos.us/SERVER.htm
Expert Zone-
 
DO NOT use NTFS encryption unless you know exactly what you are doing. If
you do you are simply setting up data loss waiting for an opportunity to
strike <G>


--
Larry Samuels Associate Expert
MS-MVP (2001-2005)
Unofficial FAQ for Windows Server 2003 at
http://pelos.us/SERVER.htm
Expert Zone-
 
How would I set the administrator password?
Would I use control userpasswords2 at the run prompt.
When the computer starts in safe mode, is it automatically
started with the administrator account every time?
 
John said:
How would I set the administrator password?
Click to expand...


Log in as Administrator, right-click My Computer > Manage > Users and
Groups > Users > highlight Administrator, right-click and select reset
password.

Would I use control userpasswords2 at the run prompt.
Click to expand...


That's another viable means of getting to the right place.

When the computer starts in safe mode, is it automatically
started with the administrator account every time?
Click to expand...

Only if that's the only user account on the computer.

--

Bruce Chambers

Help us help you:



You can have peace. Or you can have freedom. Don't ever count on having
both at once. - RAH
 
Back
Top