Re: Tweak UI - Password encryption and autologon
- From: Naresh <Naresh@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 11 Oct 2007 00:41:00 -0700
Thanks Ramesh,
In autologon with encrypted password case, is there any way to retrieve the
default password before user logs in ? I have my own custom GINA & I need the
username/password before user logs in (to establish network connection for
domain/network logon).
I tried to retrieve the encrypted password using LsaRetrievePrivateData()
before LOGON, but I got error RPC_NT_SERVER_UNAVAILABLE(0xC0020017) while
trying to open PolicyHandle using LsaOpenPolicy(with
POLICY_GET_PRIVATE_INFORMATION access right)
Thanks in advance,
Naresh
"Ramesh, MS-MVP" wrote:
It's stored in a protected area. So does the Userpasswords2 method..
Protecting the Automatic Logon Password:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthn/security/protecting_the_automatic_logon_password.asp
--
Ramesh, Microsoft MVP
Windows XP Shell/User
http://windowsxp.mvps.org
"Larry Williams" <LarryWilliams@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:9F2725D9-1559-43D2-8E0A-25A3247227A8@xxxxxxxxxxxxxxxx
Not with my version of Tweak 2.10.0.0. I even did a search from my
password
in the registry.
Could it be you've set the registry password some other way?
"Doug Knox MS-MVP" wrote:
TweakUI does store the password in the Registry, un-encrypted.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
DefaultPassword
--
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart
Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
"Larry Williams" <LarryWilliams@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:2B5A2991-888F-4243-B69E-9F86B7132290@xxxxxxxxxxxxxxxx
Okay. Thanks.
I was hoping the Tweak stored your password in the registry but I
wasn't
able to find it.
I read chapter 15 of the MS XP Registry Guide and plan on seting this
up
just before the restart and including an entry for the "AutoLogonCount"
of 1
so the information is automatically removed after the restart.
"Doug Knox MS-MVP" wrote:
You can't. The autologon feature expects to see a plaintext password.
You're only option would be to write a custom GINA DLL for
authentication that would know how to decrypt the stored password.
--
Doug Knox, MS-MVP Windows Media Center\Windows Powered Smart
Display\Security
Win 95/98/Me/XP Tweaks and Fixes
http://www.dougknox.com
--------------------------------
Per user Group Policy Restrictions for XP Home and XP Pro
http://www.dougknox.com/xp/utils/xp_securityconsole.htm
--------------------------------
Please reply only to the newsgroup so all may benefit.
Unsolicited e-mail is not answered.
"Larry Williams" <LarryWilliams@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:84365F2D-EEF9-409F-85D4-B2813F7F4C6B@xxxxxxxxxxxxxxxx
I'm writing a program that will accept a userid and password to do
an
autologon after a restart using the following registry entries:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows
NT\CurrentVersion\Winlogon
DefaultUserName "your_username"
DefaultPassword "your_password"
AutoAdminLogon "1"
However, if for some reason my program doesn't run properly and
remove the
userid/password when it's finished then I want to ensure that the
password
can't just be read from the registry. Therefore I need to know how
to do the
same thing that Tweak UI does and store an encrypted version of the
password.
Any ideas?
- Prev by Date: Re: has someone give a hand?
- Next by Date: Re: "Access denied" to run msconfig yet all accounts are administr
- Previous by thread: Re: Windows XP Login Screen
- Next by thread: Automatic updates
- Index(es):
Relevant Pages
|
