Re: Winlogon.exe and syskey

From: Eric Perlin [MS] (ericperl_at_online.microsoft.com)
Date: 09/23/04


Date: Wed, 22 Sep 2004 15:07:41 -0700

This UI is not handled by GINA. It's an integral part of winlogon. No
customization is possible. Sorry.

-- 
Eric Perlin [MS]
This posting is provided "AS IS" with no warranties, and confers no rights.
---
"hyu" <hyu@discussions.microsoft.com> wrote in message
news:07193883-7F92-4228-A43A-5793A0FCD05A@microsoft.com...
> Hi Robert,
>
> I understand. Actually here is what I was thinking. If I could muck around
> with that dialog in the GINA DLL, I can for example prompt user for some
> other password or some other action (insert smart card) or something which
> can be used to unwrap the input for that bootkey password prompt. In other
> words, I can add more protection to the password.
>
> For instance I can generate password randomly and then encrypt that with
> some other info which is then stored on smartcard. Essentially, I'd need to
> stick in smartcard and enter smartcard PIN in order to provide means to
> unlock the bootkey password which then subsequently unlocks the PEK for SAM.
>
> I'm aware of the option that syskey has for me to store the obfuscated syskey
> on the floppy ... I guess I'm looking for ways to somehow involve storage
> that's a bit smarter than floppy (i.e. smartcard) :-)
>
> Regards,
>
> - Han
>
> "Robert Gu [MSFT]" wrote:
>
> > The purpose of this dialog is for you to enter the password. If you want to
> > do this automatically, it defeats the purpose of this mode. You can use the
> > SYSKEY in default mode, which does not ask for password. In this mode, you
> > don't get much security as well.
> >
> > -- 
> > This posting is provided "AS IS" with no warranties, and
> > confers no rights.
> >
> > "hyu" <hyu@wavesys.com> wrote in message
> > news:92368458-82D7-4ED4-B2E3-A09AF3AAB723@microsoft.com...
> > > Hi,
> > >
> > > When I use syskey utility to configure my bootkey to be derived from
> > > password, I get this dialog prompt when I re-start my computer. I was just
> > > wondering if there is a way for me to programmatically interact with this
> > > dialog. Is this dialog loaded by Winlogon.exe? If so, can I do something
> > > (i.e. write custom GINA dll) to intercept this dialog?
> > >
> > > Thank you.
> > >
> > > - Han
> >
> >
> >

