how to block naughty users in my house?

[Guest]

L. Beck,
could you please answer my question (today it's on page 9) to your comment on posting "other account users can't get on internet" I'm trying to recreate that problem as the solution to mine.

 

[Guest]

FORGET IT. THEY COULD JUST CREATE ANOTHER ACCOUNT ANYWAY. BACK TO A BOOT PASSWORD. CAN YOU TELL HOW TO CREATE ONE?

 

[Rosanne]

FORGET IT. THEY COULD JUST CREATE ANOTHER ACCOUNT ANYWAY. BACK TO A BOOT PASSWORD. CAN YOU TELL HOW TO CREATE ONE?

You'll have to power your computer down and back up. As it's coming up,
before Windows kicks in, it will give you the option to enter... oh
heck, I forgot what it's called. It's where you make changes to the
BIOS settings. On my computer, I think I hit F2 while it's booting, but
it will tell you. Poke around in the screens and you'll find an option
to set a boot password. DON'T change anything else that you don't
recognize - you're in very vulnerable territory when you're working with
the BIOS settings.

Good luck!

~ Rosanne

 

[Rosanne]

You'll have to power your computer down and back up. As it's coming up,
before Windows kicks in, it will give you the option to enter... oh
heck, I forgot what it's called. It's where you make changes to the
BIOS settings. On my computer, I think I hit F2 while it's booting, but
it will tell you. Poke around in the screens and you'll find an option
to set a boot password. DON'T change anything else that you don't
recognize - you're in very vulnerable territory when you're working with
the BIOS settings.

Good luck!

~ Rosanne

Sorry to double-post, but I checked it out (after dinner
In XP Pro, I have two options - Setup Menu (F2) and Boot Menu (F12). I
choose F2, Setup Menu.

You'll enter a very old-fashioned screen, where you arrow up and down
among the options, and use your [+] and [-] keys to get things done.
You don't have a mouse. Arrow down to the Security settings. "Enter"
that folder - I think I arrowed right. You'll get a submenu with at
least two choices. What you want to do is a) set a system (boot)
password AND set a "setup" password. You're doing that so that your
kids can't hit F2 and just turn off the boot password. Once set, you
don't have to ever change the setup password unless they find out what
it is. It's the OTHER password - the system/boot password - that you'll
be either turning on and off, or changing from a password they know to
one they don't.

WARNING - NOBODY can log onto your computer without this password,
unless they have physical access to your computer, and know a whole heck
of a lot about jumpers and computer hardware. Even if they do, it will
leave great big footprints all over the place. Since they won't know
the password, they would have to wipe the password entirely - which you
would probably notice...

In my mind, that would be a major no-no, calling for something a little
more heavy-duty than "no computer privileges".

This also means that if you forget the setup password, it's going to be
a major pain in the butt to get back on your computer - and will require
some savvy tech support.

I brought my computer in for some tech work, and they had to call me to
get the system password. They didn't want to just go trompling across
my motherboard tripping jumpers for no reason.

It's really easier than I'm making it sound. Give it a try!

Hope this helps!

~ Rosanne

 

[David]

perhaps I should have requested parent replys only on this one. I
thank you for your software advice. Now I'll use a search engine to
find it.

Prehaps you should have mentioned that it was your kids you needed to
block. Many assumed it may have been roomates or other adults that have
access to your computer.

Though its not a perfect solution. You might try parental control
software like Net Nanny or Cyber Patrol.

--

David

Programmers write "Help Files" for a reason. use them.

"Due to Viewer dicretion...
Graphic violence is advised"

http://www.HeroicStories.com/
http://www.thisistrue.com/

 

[David]

FORGET IT. THEY COULD JUST CREATE ANOTHER ACCOUNT ANYWAY. BACK TO A
BOOT PASSWORD. CAN YOU TELL HOW TO CREATE ONE?

Limited accounts can't create new accounts. Only an Admin account can
do that.

Also, Please don't post in all caps. It is considered as Yelling and
is rude. Thank you.

--

David

Programmers write "Help Files" for a reason. use them.

"Due to Viewer dicretion...
Graphic violence is advised"

http://www.HeroicStories.com/
http://www.thisistrue.com/

 

[Rosanne]

Limited accounts can't create new accounts. Only an Admin account can
do that.

Also, Please don't post in all caps. It is considered as Yelling and
is rude. Thank you.

a) The OP said it was for the kids (in an early post)

b) The OP just wants a quick way to block them out temporarily, without
having to wade through the Administrator areas. The boot password
approach worked extremely well for me, in the same situation. Mine was
actually worse, because I was running Win98 for Home. Much more
difficult to control access - the "accounts" really only controlled the
profiles of the users, and you could create a new "account" (profile)
just by typing a new name in the "User" field. There MAY have been a
way to block that, but I didn't find it in the four years I used that
computer regularly.

There are probably other solutions - maybe involving changing passwords
to the ISP if it's just the Internet you want blocked. Of course, you'd
have to make sure the password wasn't stored - that the system prompted
for it. Thing is, when my kids were grounded, they weren't even allowed
to log on.

~ Rosanne

 

[David]

a) The OP said it was for the kids (in an early post)

The OP did not make it clear that he was refering to his kids
until after others had posted. The OP's reply to these posts
were condensending, to say the least.

b) The OP just wants a quick way to block them out temporarily, without
having to wade through the Administrator areas.

Wading through Admin areas is not nessacary, Especially if
assuming that the OP runs as Admin. Using limited account for
his kids, the OP can specify certain hours that those accounts
can log on. Details for setting time limits can be gotten with
a simple request to these newsgroups.

The boot password
approach worked extremely well for me, in the same situation.

Boot Passwords ( BIOS Passwords ) are extremely easy to
circumvent. Simply open the case and move a jumper or remove
the CMOS Battery for a short time and the BIOS Password is
cleared.

If the OP's children don't already know how to do this, They
can found out very simply by makng a few inquiries to thier
local school geek population.

Mine was
actually worse, because I was running Win98 for Home. Much more
difficult to control access - the "accounts" really only controlled the
profiles of the users, and you could create a new "account" (profile)
just by typing a new name in the "User" field. There MAY have been a
way to block that, but I didn't find it in the four years I used that
computer regularly.

Win98's Screen door security is irrelevant. XP Has mucg
tighter security then Win98.

for it. Thing is, when my kids were grounded, they weren't even allowed
to log on.

Are you sure? No offense. But, Many kids today are a lot
smarter then thier parents about computers. I know my parents
couldn't keep me out of our computer when I wanted to use it.
No matter how hard they tried. And, my parents aren't stupid (
Don't tell them I said that ).



--

David

Programmers write "Help Files" for a reason. use them.

"Due to Viewer dicretion...
Graphic violence is advised"

http://www.HeroicStories.com/
http://www.thisistrue.com/

 

[Jupiter Jones [MVP]]

David;
You have flawed logic.
You say "Boot Passwords ( BIOS Passwords ) are extremely easy to
circumvent"
Are you suggesting using Limited Accounts as a way to control who uses
the computer?
If so that is the failure in your logic.
Everything is easy if you violate something here:
http://www.microsoft.com/technet/tr.../technet/columns/security/essays/10imlaws.asp
You also say "I know my parents couldn't keep me out of our computer
when I wanted to use it."
If that is true and you got in anyways, your parents have a great deal
to learn. (and most of it is easy and already well known)
All I will say is you will not in my home on my computer.

 

[David]

David;
You have flawed logic.

How is it flwaed?

You say "Boot Passwords ( BIOS Passwords ) are extremely easy to
circumvent"
Are you suggesting using Limited Accounts as a way to control who uses
the computer?

Yes, As an Admin can temporarly disable a limited account when they
wish. They can also set limites to what times a limited account can log
on. The admin can set the limited accounts so that they can only be used
during hours which he is home and able to supervise.

If so that is the failure in your logic.
Everything is easy if you violate something here:
http://www.microsoft.com/technet/treeview/default.asp?

url=/technet/columns/security/essays/10imlaws.asp

Any security is only as good as the amount of efort one is willing to
put into cirumventing it. Even Fort Knox can be breached if one is
willing to put forth the effort.

It is a lot easier to clear a BIOS password then to force access to a
locked limited account is XP. You have a lot to learn if you think a
BIOS Password is better then account restrictions in XP.

You also say "I know my parents
couldn't keep me out of our computer when I wanted to use it."
If that is true and you got in anyways, your parents have a great deal
to learn. (and most of it is easy and already well known)

The 'net wasn't available in those days ( At least, not to the public )
and such information wasn't as easy to get as it is today.

All I will say is you will not in my home on my computer.

Set your computer up with a BIOS Passwod as the only security and I
can be in it in less then 10 minutes.

The OP taking the keyboard with him is a better solution then a BIOS
password. At least, the means the kids need to aquire another keyboard
if they want access.



--

David

Programmers write "Help Files" for a reason. use them.

"Due to Viewer dicretion...
Graphic violence is advised"

http://www.HeroicStories.com/
http://www.thisistrue.com/

 

[Jupiter Jones [MVP]]

David;
You said "How is it flwaed?"
The answers are in the link I gave.

You apparently did not read the link I posted.
Both BIOS and account passwords can be easily breached.

Obviously Administrators can control Limited accounts.
However the same thing that makes the BIOS password not foolproof also
applies to the Administrator password.
I did not say a BIOS password is better than Administrative control,
however it is for some while the opposite is better for others.

I never even suggested "...BIOS Password as the only security..."

And I said and meant "...not in my home on my computer" and I said it
again.
You can not get in my computer in 10 minutes or even 10 hours for that
matter.

If you had read the link I gave you would know all this.