Home |
Search |
Today's Posts |
|
Home Repair (alt.home.repair) For all homeowners and DIYers with many experienced tradesmen. Solve your toughest home fix-it problems. |
Reply |
|
LinkBack | Thread Tools | Display Modes |
#1
Posted to alt.home.repair
|
|||
|
|||
OT Password in Win7
"Mayayana" wrote:
Windows password cracking software exists and works quite well. The other options you talk about require actions on the part of software. I don't know of any function like that in Windows -- and certainly not in other software -- to do that. You can't just open the options settings in any program and set high security startup options. A lot easier would be to set a BIOS password. Boot into the BIOS and set a password for both the booting and for access to the BIOS itself. Then the only likely way to get around it is to remove the PC's battery for long enough to wipe the BIOS, or to take out the hard disk and hook it up elswhere. If the BIOS depends on non-default settings then people won't be able to wipe the BIOS without making the machine unbootable, so that's further security. But there's only so much you can do. If someone wants to get at the data on the disk they can probably do it. The only question is how expert they need to be. A further option would be to encrypt data on disk. You can password-protect ZIP files, for instance. I think Win7 also has on-disk encryption options, but I'm not familiar with them. ??????? I'm puzzled by this reply and most of the others in this thread. Maybe I just don't express myself sufficiently clearly. Maybe I confuse you with too much detail. Let's try again. I want to acquire a program which will do all the work for me. (Let's call it PW-Manager.) I don't want to learn about Linux. I'm not worried about people removing the HD and putting it in another machine, nor about people resetting the BIOS, nor about any super-sophisticated nerd doing any of the other things that people in this thread seem to be concerned about. KISS! Didn't I say the NSA can browse my machine at will? Or something similar. I just don't want, wife, kids, grandkids, visitors, cable guy, etc. deciding to see what hubby/dad/grandpa/etc has on his machine. And, my memory what it is, I can't remember what I had for breakfast, let alone any even slightly complex PW. Let's beat it to death. Take my wife. If she's called on to put in a PW she uses the name of the dog. Not enough characters? She adds 123 at the end. This also satisfies the occasional company who wants something containing letters and numbers. If they insist she has to change the PW once a month, OK, put the 123 at the front of the dog's name. Following month she makes it name of the dog twice in a row followed by the name of the city she was born in. After a couple of months she can usually revert to the more simple name + 123. Even my 5-year old grandkid can crack this in a couple of minutes. In her office, lots of the adjacent workers have similar schemes and no they don't put a post-it on the monitor. Frowned upon, ya know! If you ask her why she doesn't do something less easy to crack, she'll tell you she can't remember it. I can't either! As to the 1024 length, it's partially because I've been told that the longer the PW, the harder it is to crack. Secondly, Win ... um ... NT probably was the first 32 bit OS: why the hell did they limit themselves to 32 bit? Don't these people ever learn their lessons? Then it went to 64 bit... Yikes! Another short-sighted effort. What's wrong with 256 bit addressing? And there's a practical problem here. On a 32 bit machine you can't have memory more than 3 and change gig! Eventually 64 will be too small and we'll have another painful migration issue. So maybe 1024 for the PW is a bit overboard at the moment but eventually there'll be a use for it. (The other item that really annoys me is multiple users (also introduced in NT IIRC). Who lets someone else use their machine, except on a very limited basis? For one thing do you want those grubby fingers on your keyboard? Why Msoft can't come out with a single user OS I don't know.) Well, back to the PW: I don't want to tell someone how to do it but it probably requires modification to the OS at the point of asking for the PW. I'd guess. Well, just as I use a physical key to unlock the front door of the house, I'm suggesting that the physical key to the computer is a USB stick (with a PW). Maybe if you just type "USB" for the PW, your modified OS will know to look at the USB ports etc. BTW, I already use a PW manager, known a Password Corral. It's free and depends on nothing except running on a 32 bit Windows machine. It's a bit clumsy and doesn't address the issue of a PW for the machine but for issues such as a replacement for the dog's name that you don't have to remember it's half way there. |
#2
Posted to alt.home.repair
|
|||
|
|||
OT Password in Win7
On Wednesday, April 23, 2014 12:56:43 AM UTC-4, wrote:
"Mayayana" wrote: Windows password cracking software exists and works quite well. The other options you talk about require actions on the part of software. I don't know of any function like that in Windows -- and certainly not in other software -- to do that. You can't just open the options settings in any program and set high security startup options. A lot easier would be to set a BIOS password. Boot into the BIOS and set a password for both the booting and for access to the BIOS itself. Then the only likely way to get around it is to remove the PC's battery for long enough to wipe the BIOS, or to take out the hard disk and hook it up elswhere. If the BIOS depends on non-default settings then people won't be able to wipe the BIOS without making the machine unbootable, so that's further security. But there's only so much you can do. If someone wants to get at the data on the disk they can probably do it. The only question is how expert they need to be. A further option would be to encrypt data on disk. You can password-protect ZIP files, for instance. I think Win7 also has on-disk encryption options, but I'm not familiar with them. ??????? I'm puzzled by this reply and most of the others in this thread. Maybe I just don't express myself sufficiently clearly. Maybe I confuse you with too much detail. Let's try again. I want to acquire a program which will do all the work for me. (Let's call it PW-Manager.) I don't want to learn about Linux. I'm not worried about people removing the HD and putting it in another machine, nor about people resetting the BIOS, nor about any super-sophisticated nerd doing any of the other things that people in this thread seem to be concerned about. KISS! Didn't I say the NSA can browse my machine at will? Or something similar. I just don't want, wife, kids, grandkids, visitors, cable guy, etc. deciding to see what hubby/dad/grandpa/etc has on his machine. And, my memory what it is, I can't remember what I had for breakfast, let alone any even slightly complex PW. Write the password down and put it in your wallet or wherever you would put the proposed physical USB type key. Seems that is about as secure as the physical key that you want. Let's beat it to death. Take my wife. If she's called on to put in a PW she uses the name of the dog. Not enough characters? She adds 123 at the end. This also satisfies the occasional company who wants something containing letters and numbers. If they insist she has to change the PW once a month, OK, put the 123 at the front of the dog's name. Following month she makes it name of the dog twice in a row followed by the name of the city she was born in. After a couple of months she can usually revert to the more simple name + 123. Even my 5-year old grandkid can crack this in a couple of minutes. In her office, lots of the adjacent workers have similar schemes and no they don't put a post-it on the monitor. Frowned upon, ya know! If you ask her why she doesn't do something less easy to crack, she'll tell you she can't remember it. I can't either! As to the 1024 length, it's partially because I've been told that the longer the PW, the harder it is to crack. To some extent that's true, but the problem with using the pets name followed by 3 numbers isn't the length, it's that everyone knows the pet's name. If you had a random password of the same length, it would be secure from the types of intruders on your list. Just 5 letters/digits gives 37^5 possible combinations. Guessing that is like winning the lottery. Secondly, Win ... um ... NT probably was the first 32 bit OS: why the hell did they limit themselves to 32 bit? Because the entire x86 CPU architecture at the tim e was only 32 bits, ie that was the register size, the physical address size and the main data size that the instruction set handles. If the hardware can only add two 32 bit integers, can only deal with 32 bit addressing, seems it would be a huge burden to design an OS for something that wouldn't be needed for another 15 years. Don't these people ever learn their lessons? Then it went to 64 bit... Yikes! Another short-sighted effort. What's wrong with 256 bit addressing? No CPU supports 256 bit addressing. The hardware doesn't support it, the instruction set doesn't support it. And no one sees the need for it for a very long time to come, probably never. It's kind of like TVs. You don't design a TV to handle what won't be needed for another 20 years. And there's a practical problem here. On a 32 bit machine you can't have memory more than 3 and change gig! Eventually 64 will be too small and we'll have another painful migration issue. Do you realize how big 2^64 is? It's so big I don't even know if we have a name for it. Plot a chart of memory density increases, ie Moore's law and you'll see that it's a non-issue. You'd be beyond the ultimate limits on semiconductor memory density imposed by physics. So maybe 1024 for the PW is a bit overboard at the moment but eventually there'll be a use for it. I doubt it. (The other item that really annoys me is multiple users (also introduced in NT IIRC). Who lets someone else use their machine, except on a very limited basis? For one thing do you want those grubby fingers on your keyboard? Why Msoft can't come out with a single user OS I don't know.) It is single user if you're the administrator, you have a secure password, and you don't add any other users. Well, back to the PW: I don't want to tell someone how to do it but it probably requires modification to the OS at the point of asking for the PW. I'd guess. Well, just as I use a physical key to unlock the front door of the house, I'm suggesting that the physical key to the computer is a USB stick (with a PW). Maybe if you just type "USB" for the PW, your modified OS will know to look at the USB ports etc. AFAIK, that's what would have to be done to support what you want. And in some ways, it's less secure than a PWD. I have a secure password that only I know. The USB stick, I could leave in the PC. Or I could leave it laying around somewhere. Where exactly are you going to put yours, that your wife, grandkids, etc won't find it? Safe? If you can remember the combination to a safe, I would think you could use those numbers for a PWD that is secure enough. BTW, I already use a PW manager, known a Password Corral. It's free and depends on nothing except running on a 32 bit Windows machine. It's a bit clumsy and doesn't address the issue of a PW for the machine but for issues such as a replacement for the dog's name that you don't have to remember it's half way there. |
#4
Posted to alt.home.repair
|
|||
|
|||
OT Password in Win7
| Well, back to the PW: I don't want to tell someone how to do it but it
| probably requires modification to the OS at the point of asking for | the PW. I'd guess. Well, just as I use a physical key to unlock the | front door of the house, I'm suggesting that the physical key to the | computer is a USB stick (with a PW). Maybe if you just type "USB" for | the PW, your modified OS will know to look at the USB ports etc. | | | What you want is called a secure access token. | I'm afraid you may be just adding more confusion. How is that going to prevent people from booting Windows or using other software that hasn't been designed to require the token? |
#5
Posted to alt.home.repair
|
|||
|
|||
OT Password in Win7
On Wednesday, April 23, 2014 10:38:49 AM UTC-4, Mayayana wrote:
| Well, back to the PW: I don't want to tell someone how to do it but it | probably requires modification to the OS at the point of asking for | the PW. I'd guess. Well, just as I use a physical key to unlock the | front door of the house, I'm suggesting that the physical key to the | computer is a USB stick (with a PW). Maybe if you just type "USB" for | the PW, your modified OS will know to look at the USB ports etc. | | | What you want is called a secure access token. | I'm afraid you may be just adding more confusion. How is that going to prevent people from booting Windows or using other software that hasn't been designed to require the token? +1 Years ago when I was in the field and had a corporate notebook, we used that type of device. It generated a number that I had to enter which was then authenticated by the network before allowing me to log on to the corp network.in. It's kind of like the common rolling code garage door opener codes or key codes for cars. The device you have and the other device are generating pseudo-random codes based on the same seed. I don't see how it solves the OP's issue of using a secure USB key of some kind instead of the normal Windows PWD when the PC boots. |
#6
Posted to alt.home.repair
|
|||
|
|||
OT Password in Win7
|
Reply |
Thread Tools | Search this Thread |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Forum | |||
OT Password in Win7 | Home Repair | |||
OT Password in Win7 | Home Repair | |||
OT'ish: Win7 32 bit and 64 bit OEM licences | UK diy |