Password questions:

[its_my_dime]

I need to protect a laptop with a password. Some questions: (Windows XP
home ...one user named Owner)

Exactly what is the difference between a password set in the bios and one
set from the control panel - user?

What happens if I lose or forget the password?

Is a password recovery disk (left in a safe place) a useful idea?

Can a professional hacker somehow override a password?

Do I also need a screensaver password?

Thanks.

 

[Ken Blake, MVP]

I need to protect a laptop with a password. Some questions: (Windows
XP home ...one user named Owner)

Exactly what is the difference between a password set in the bios and
one set from the control panel - user?

A password set in the BIOS prevents someone who doesn't know it from using
the computer.

A password set in Windows prevents someone who doesn't know it from using
Windows. He can still boot a different operating system from a diskette,
CD, etc. Once he's booted he can have access to the files on the drive.

That may sound like the BIOS password is much better than a Windows
password, but unfortunately a BIOS password is trivially easy to get around.
Removing the motherboard battery for a few minutes resets all the CMOS
settings, including the password.

What happens if I lose or forget the password?

See above.

Is a password recovery disk (left in a safe place) a useful idea?

Depends on what the safe place is, and just how safe it is.

Can a professional hacker somehow override a password?

See above.

Do I also need a screensaver password?

No.

What is your concern?. What protection are you trying to achieve and why? A
password may not be the best way to go about this.

 

[Blayde]

A password set in the BIOS will not allow the computer to boot unless
it is provided. The problem with this is that it can be reset so it
only provides limited protection. A user password will not allow
someone to log on to Windows unless it is provided. Be sure that there
are no accounts active. Screen saver passwords are good, they use your
log on password. My advice is to use complex passwords on everything
and make sure you keep a record of your passwords in a safe place
-Blayde

 

[Blayde]

A password set in the BIOS will not allow the computer to boot unless
it is provided. The problem with this is that it can be reset so it
only provides limited protection. A user password will not allow
someone to log on to Windows unless it is provided. Be sure that there
are no accounts active. Screen saver passwords are good, they use your
log on password. My advice is to use complex passwords on everything
and make sure you keep a record of your passwords in a safe place
-Blayde

 

[Guest]

I need to protect a laptop with a password. Some questions: (Windows XP
home ...one user named Owner)

Exactly what is the difference between a password set in the bios and one
set from the control panel - user?

when set, a bios password is required to make changes in the bios
settings, a user account is used to restrict access into windows.

What happens if I lose or forget the password?

Youwould have to run an xp recovery if you forget the administrators
password.

Is a password recovery disk (left in a safe place) a useful idea?

Can a professional hacker somehow override a password?

if they are physically in front of your pc yes very easily (i could
boot your pc into linux live and access all your files and destroy
windows and you can't stop me)

Do I also need a screensaver password?

no more-so than you need a login password.

Thanks.

pleasure.

Flamer.

 

[its_my_dime]

I need to protect a laptop with a password. Some questions: (Windows XP
home ...one user named Owner)

Exactly what is the difference between a password set in the bios and one
set from the control panel - user?

What happens if I lose or forget the password?

Is a password recovery disk (left in a safe place) a useful idea?

Can a professional hacker somehow override a password?

Do I also need a screensaver password?

Thanks.

Thanks, everyone.

I think what you are telling me is:

-a bios password probably is not useful. Anyone capable of playing with the
bios can also remove the battery.

-a windows password will keep my houseguests and perhaps a hotel housekeeper
out of the computer but if the computer gets stolen and turned over to a
professional, the password is useless.

Additional question: will password protection stop people from reading
Excel or Word files if they get into the computer?

Again, thanks.

 

[Blayde]

Excel and Word have utilities to password protect themselves. You would
have to use those utilities to keep others from reading them. Also an
encrytion program might be good if you want to protect other files.

-Blayde

 

[Andrew Murray]

Thanks, everyone.

I think what you are telling me is:

-a bios password probably is not useful. Anyone capable of playing with
the bios can also remove the battery.

-a windows password will keep my houseguests and perhaps a hotel
housekeeper out of the computer but if the computer gets stolen and turned
over to a professional, the password is useless.

Additional question: will password protection stop people from reading
Excel or Word files if they get into the computer?

Again, thanks.
These days, (I think) you can protect with passwords individual files such
as excel documents and word documents (at least in MS Access you can
protect databases) Again, how secure this is, I don't know.

 

[AZGLI]

If you are concerned about theft, I would recommend two approaches.
First, use encrypted NTFS with windows XP, and second, get a hardware
lock for the hard drive. This is a piece of hardware that uses a USB
dongle type device and an encryption card to lock the data on the hard
drive at the hardware level. The encryption card actually goes inline
between the drive and the MoBo. They aren't cheap and are a little
difficult to find. Also, if you lose the dongle, you are SOL. This is
the best way to prevent data loss I know of.

HTH

 

[C.Joseph Drayton]

I need to protect a laptop with a password. Some questions: (Windows XP
home ...one user named Owner)

Exactly what is the difference between a password set in the bios and one
set from the control panel - user?

What happens if I lose or forget the password?

Is a password recovery disk (left in a safe place) a useful idea?

Can a professional hacker somehow override a password?

Do I also need a screensaver password?

Thanks.

Hi,

Since you are using a laptop, you should do a couple of things.
First of all set the supervisor password. Note that the supervisor
password is different from the login password. The supervisor
password actually limits access to the BIOS. Make the password
complicated. Once you have set the supervisor password, change the
boot order of the laptop. Set it so that it boots from the hard disk
first. Basically what this does is stop someone from booting a
different OS off of a USB or CD then reading your hard disk.

Next set a Windows password. I use passwords of 10 to 16 characters
and change the password every 30 days. Again, try to make the
password as complicated as you can.

The last step, is to use a program like TrueCrypt to create an
encrypted volume. Then store your data on the encrypted volume. What
I actually do, is use PasswordMaker with a 10 - 16 character
password that I then use it to generate a 64 character password. I
use the 64 character generated password to mount the TrueCrypt volume.

Theoretically any encryption can be cracked if a person has the
computing resources to do, but realistically, a TrueCrypt volume
using SHA-256 with a 64 character password is unbreakable. I do
classified work at times and the agency I do the work for has
approved my security procedures for use on a laptop that has direct
access to their data and networks.

Ciao . . . C.Joseph

And on the seventh day God said,
"I will rest . . . Murphy take over."