• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

Locking down Win PC

Collider

Collider

Senior member
I'd like to know what is the conventional wisdom for password protecting your PC besides windows login. Basically I'm looking to add an additional layer on top of Active Directory login. Any 3rd party tools around that do a better job?
 
If your AD password is secure, then logins on your system are secure. If not, change your password.

I honestly can't think of a reason why you would want/need a secondary login requirement unless you're afraid that a domain admin might log in and find something you don't want them to see. If that's the case, stop doing whatever it is you are doing that is against company policy.
 
avp2306 said:
Well I'm not looking to encrypt my files, just restrict login.
Click to expand...

If you're just talking about AD/Windows authentication and want to go past username and password, you can look into two-factor authentication... smartcard/usb-token and PIN.
 
seepy83 said:
If you're just talking about AD/Windows authentication and want to go past username and password, you can look into two-factor authentication... smartcard/usb-token and PIN.
Click to expand...

Can you give me some info on how to set this up, I'm assuming this would function kind of like a usb key right?
 
Fardringle said:
If your AD password is secure, then logins on your system are secure. If not, change your password.

I honestly can't think of a reason why you would want/need a secondary login requirement unless you're afraid that a domain admin might log in and find something you don't want them to see. If that's the case, stop doing whatever it is you are doing that is against company policy.
Click to expand...

Not really, I also know that windows stores the hash (I may have the terminology wrong) of the password somewhere locally, so it could be bypassed.
 
avp2306 said:
Can you give me some info on how to set this up, I'm assuming this would function kind of like a usb key right?
Click to expand...

This document is probably a good starting point:
http://www.microsoft.com/en-us/download/details.aspx?id=4184

Edit: I realize that the doc linked is written in reference to server 2003. Basically, all of the concepts still apply in 2008, but there might be slight differences in specifics. There may be an updated one available for 2k8.
 
Last edited:
BIOS PW or HD encryption. Only downside is if the HD dies its a bitch to grab data off the drive. Thats why I use roaming profiles for my users.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top