Re: Hide Username when pc awakes
- From: "Steve Riley [MSFT]" <steve.riley@xxxxxxxxxxxxx>
- Date: Fri, 21 Sep 2007 20:49:23 -0700
I don't normally repeat myself in these groups, nor chime in when the discussion seems to be going in a bad direction. But I will do so here.
Is it so hard to implement such a stupid little feature?
No, it isn't hard at all to implement what you're asking for. But that isn't the question to ask. The question is: does the feature actually increase security? As opposed to simply making one "feel" more secure?
I'm glad, Richard, that you read my article. In it, I was pretty clear that a "secret" ID plus a password is no more secure than a public ID plus a good password. By good I mean a passphrase of 15-20 characters: think a simple sentence. Something easy to remember and virtually impossible to attack. Trying to hide a user ID (designed to be public) adds no more security; in fact, it can weaken security because people who do this often choose very weak passwords.
Security isn't achieved simply by the vendor adding features and the users implementing them. Security is achieved by analyzing the risks and threats of a particular environment, and applying appropriate policies, processes, and technologies. Our obligation as the manufacturer of Windows is to provide you with technologies that help you mitigate actual threats, based on sound computer security science.
--
Steve Riley
steve.riley@xxxxxxxxxxxxx
http://blogs.technet.com/steriley
http://www.protectyourwindowsnetwork.com
"Richard" <fdr@xxxxxxxxx> wrote in message news:6E2F09A1-0B8E-4DE9-91F0-E45DFC76B154@xxxxxxxxxxxxxxxx
Is it so hard to implement such a stupid little feature?.
Anyways thank-you for your insight. End of discussion.
"Bruce Chambers" wrote:
Richard wrote:
> Can anyone else shed some insight? Links that describe this perhaps?
>
> It's rather silly on Microsoft's part if you cannot change this.
>
How is it "silly?" If you allow the computer to go into Standby while
you're logged in, you'll still be logged in when the computer come out
of standby. That's the whole point of the "Standby" feature; to pick up
where you left off.
If you want better security, never use Standby. Log out when you're
not actively using the computer. It's that simple.
--
Bruce Chambers
Help us help you:
http://dts-l.org/goodpost.htm
http://www.catb.org/~esr/faqs/smart-questions.html
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin
Many people would rather die than think; in fact, most do. -Bertrand Russell
- References:
- Re: Hide Username when pc awakes
- From: Bruce Chambers
- Re: Hide Username when pc awakes
- Prev by Date: Shared folders
- Next by Date: Re: How to enforce user to login with password in Windows XP (Sp2)?
- Previous by thread: Re: Hide Username when pc awakes
- Next by thread: Re: Problem with mcafee
- Index(es):
Relevant Pages
|
