Automatically starting Vista into an account?

[Guest]

I only have one account on this computer and whenever I start the computer
up, I have to click the single account icon to load everything up completely.
Is there any way to bypass the loading of the user account screen to boot
directly into the desktop or am I doomed to not be able to start the
computer, walk away for a few minutes then return to a fully-loaded desktop?

 

[Larry]

In user accounts look for must login checkbox uncheck it select. next your
account verify password and it will log you on as default user

 

[Guest]

Hello Larry. Thank you for the response, but I'm not seeing what you are
talking about anywhere in the User Accounts section. I'm not seeing "must
login" or any check boxes regarding the login screen at all. Can you give me
any betterdirections as to where to find it?

 

[Guest]

Is there any way to bypass the loading of the user account screen to boot

directly into the desktop

Yes

- Click Start
- Type: control userpasswords2
- Press enter
- Clear the Users must enter a username and password to use this computer
check box
- Click Apply
- Enter the user name and password you wish to automatically log on with,
and then click OK
- Click OK again

Hopefully Microsoft will make this easier before the Final Release.

- JB

 

[Guest]

Ahh, Jimmy. Thank you very much! So that's the only way to get to that "area"
of Vista, huh? Doing a control command? Wow ... yeah .. I hope they fix that
in the final version .. that's just silly. Thank you again for the help!

 

[Guest]

Ahh, Jimmy. Thank you very much! So that's the only way to get to that
"area"

of Vista, huh? Doing a control command? Wow ... yeah .. I hope they fix that
in the final version .. that's just silly. Thank you again for the help!

You're welcome

That is actually an advanced version of the user accounts control panel from
Windows XP that is still present in Vista.

I'm not sure how this will play out in Vista ... we'll have to wait and see
I suppose.

 

[Donald McDaniel]

Ahh, Jimmy. Thank you very much! So that's the only way to get to that
"area"
of Vista, huh? Doing a control command? Wow ... yeah .. I hope they fix
that
in the final version .. that's just silly. Thank you again for the help!

Why would this be silly? It was the same under WinNT and XP. I see no
reason to change it anytime soon.
Such a powerful option SHOULD be hidden from most users, and only available
to the Computer Administrator. My hope is that Microsoft WON'T make it
"easier" for users to login auto-magically.

What I think is silly is the ability to simply click to grant Administrator
permission for various operations. It should be DIFFICULT to grant Root
permission, not EASY. Even mouse-clicks can be programmed into malware
installation if needed, after all.

 

[Donald McDaniel]

You're welcome

That is actually an advanced version of the user accounts control panel
from
Windows XP that is still present in Vista.

I'm not sure how this will play out in Vista ... we'll have to wait and
see
I suppose.

I certainly hope that Microsoft WON'T make a bad decision and make it EASIER
to change account characteristics. That would simply CONTINUE Microsoft's
long record of poor security measures.

After having used a truly secure OS (OS X), I have come to appreciate the
way OS X requires the entry of a username/password combo to login.
Microsoft would do well to take Apple's lead in this area.

==

Donald L McDaniel
Please reply to the original newsgroup.
===========================================

 

[Guest]

I certainly hope that Microsoft WON'T make a bad decision and make it EASIER

to change account characteristics. That would simply CONTINUE Microsoft's
long record of poor security measures.

Nonsense. Allowing a home user automatically log in when they start their
computer has ZERO security implications.

 

[Guest]

Why would this be silly? It was the same under WinNT and XP. I see no

reason to change it anytime soon.
Such a powerful option SHOULD be hidden from most users, and only available
to the Computer Administrator. My hope is that Microsoft WON'T make it
"easier" for users to login auto-magically.

It is, and will be, only available to administrators.

What I think is silly is the ability to simply click to grant Administrator
permission for various operations. It should be DIFFICULT to grant Root
permission, not EASY. Even mouse-clicks can be programmed into malware
installation if needed, after all.

It is not possible to simulate mouse clicks on the UAC dialog, unless the
machine has already been compromised by a VERY, VERY skilled programmer.

 

[Guest]

Let's not take this out of context, now. I said it was "silly" to not allow a
single home-user to automatically login without having to click their "user
account icon" on the primary pre-load screen. Security is great, but if you
only have one account and set it up as though there's only one admin
(yourself), there should be a way to set it to auto-load that one profile
without interupption. Example, why would my parents - who have enough problem
learning how to type - have a need to click their account icon when nobody
else uses that computer and/or has a need to "log in/out"?
That's all that was implied - nothing about security measures or the like.
I'm all for security in *ANY APPLICATION* - just not about more clicks then
needed to get into my own computer system.

 

[Kerry Brown]

On a properly setup, secure computer your parents would never need to use an
administrator account for normal day to day use. They would use a standard
user account with a password. The other account would be an administrator
account with a password.

 

[Guest]

Yes, but the point is that John Q. Normalperson who only has one account on
their computer shouldn't need to click a user account icon when there is only
one account on the computer. Any "tech-savvy" person would know how to bypass
that and input the Admin l/p when needed. As far as the standard account
goes, what would happen if somebody tried to install a program that requires
Admin access? I just don't see the reason why having to click a picture
allows you to log in when the computer is not shared with anybody else. That
is the question here, not admin privies, security or any other. The situation
I was giving was simply, "there's one account on the computer - by anybody
tech-savvy or not - why would they ened to "click the picture" to load to the
desktop when XP (by default - at least in my case) loaded the one and only
profile on it.
I gues what I'm saying is this (since I can't get the correct words out,
apparently) ... why would I, someone who has enough computer knowledge to fix
anything gone wrong (most of the time) but not MS-knowledgable enough to know
what "control userpasswords2" is, need to click a picture to load to the
desktop when nobody else uses this computer?

 

[David J. Craig]

It does have security implications. If the computer is stolen, anyone will
have access to any encrypted files if they implemented it. Using EFS is
connected with the logged in user and with no password it is not protected.
Usually very few home users will use encryption, but having children or
guests using limited accounts also help keep the computer running.

 

[Jimmy Brush]

It does have security implications. If the computer is stolen, anyone

will have access to any encrypted files if they implemented it. Using EFS
is connected with the logged in user and with no password it is not
protected. Usually very few home users will use encryption, but having
children or guests using limited accounts also help keep the computer
running.

You are correct.

I retract my statement; it does have security implications if physical
security is compromised. However, I don't think automatic logins would play
a huge part of hurting physical security in the case of your average home
user, who doesn't use encryption and has weak passwords.

I'm not saying that automatic login should be enabled by default; I'm just
saying users should have the ability to easily enable it if they want it

As for EFS security via stolen computers, even if automatic login was
disabled, all the attacker would have to do is crack either the user account
password or the admin password, which isn't hard if you have the computer.

Granted, this may provide some security... I guess it depends on what the
thief is after

- JB

 

[David J. Craig]

EFS does not work that way. Cracking the administrator password will not
provide access to encrypted data protected by another account. Yes, the
password storage scheme is fairly weak and they can be zapped with
utilities, but EFS credentials are dependent upon the user password being
changed in a authorized way or access to encrypted files are lost. That is
why users have to save their recovery keys so they will not loose access to
those files. Using strong passwords do help prevent hackers who have the
computer. The passwords are saved as a hash (MD5?) so reversing a strong
key will be difficult.

 

[Jimmy Brush]

Administrator can use his recovery key to unlock any other user's EFS files
.... he is a recovery agent by default. At least in Windows XP ... I believe
that a user can opt to change this, but I'm pretty sure that is what it
defaults to.

So figuring out the administrator's password would be able to recover EFS
files for all users on the system ... granted, an outrageous password for
the admin account would take a long time to crack ... but I think the actual
security of EFS has been hyped a little too much ...

Now, the new BitLocker stuff in Vista, that is impressive!



- JB

 

[Kerry Brown]

Not having passwords could allow rogue processes to gain elevated privileges
or at a minimum allow a remote user to logon or access shares. Even a home
user benefits from this security. They may have a misconfigured wireless
router which allows their neighbor to access the tax files on their computer
all because they don't have a password. If all accounts have a strong
password then a "tech-savvy" person would need to edit the sam database to
gain access. Granted a truly for a truly knowledgeable hacker this is fairly
trivial but then that is true of all OSs if you have physical access.

There is no need for a standard account to install programs. You logon as an
administrator when you want to install something. Yes, it's less convenient.
The alternative is what we have now, rampant malware, viruses, and millions
of compromised computers. Do you lock your car when you leave it parked in
the city? Why do you want to hand everyone the keys to your computer?

 

[Kerry Brown]

Have you used EFS? Logging in as an administrator won't give you access to a
user's encrypted files unless this was setup in advance. A domain
administrator may be a default recovery agent. A local administrator is not
by default.

 

[Jimmy Brush]

Have you used EFS? Logging in as an administrator won't give you access to

a user's encrypted files unless this was setup in advance. A domain
administrator may be a default recovery agent. A local administrator is
not by default.

You are correct ... I guess I haven't kept upt with EFS . I still don't
think it's a very effective solution, although it's better than nothing.

- JB