[ABC home]    [ABC Archives by Issue]   [ABC Archives by Author]  [Search]  [Privacy]

 

ABC Home Page
ABC Home

 
Advertise in ABC

 

Learn more
about
Vic Ferri
Vic Ferri

Read
Vic's Archives
Vic's Archives

 

Subscribe to
Vic's
WinTips&Tricks
 WinTips&Tricks Email Support Group and Newsletter

Subscribe to
Vic's
Registry Answers
 Registry Answers Newsletter

PowerPoint to Exe
convert PowerPoint presentations to exes

Lock 'n Hide
Folder Security
Hide files and folders in Windows 9X

Free Demo

Great prices on computer magazines

Learn the Registry in plain English

 Mr. Ink Man - Great prices on ink cartridges

 

 

 

ABC ~ All 'Bout Computers
The Online Web-azine for Computer Enthusiasts
-- brought to you by
Visit Linda's Computer Stop
contents page for this issue

 


 Support ABC

 

Linda's Ebooks
 Ebooks on Access, Excel, Outlook, PowerPoint, Publisher, and Word

Linda's CD
 Order Linda's CD and learn all of the Office programs

The Newbie Club
Learn all about computers the easy way

Online classes
at Eclectic Academy
 Instructor led online courses at Eclectic Academy

My Newest Book
Excel 2003 Study Guide

published by Wiley
get it at Amazon,
at Barnes & Noble,
or at Borders

FrontLook
Add-ins
& Screen Capture
Great FrontPage addins and other software

WinBackup
SpeedUpMyPC
WinTasks5Pro
great Windows utilities

 
 

Vic's Registry RoundUp and DOS Den
~~Vic Ferri, Win Tips and Tricks

Increasing Logon Security in Windows 95, 98, 98SE, and ME

If you are using Windows 95, 98, 98SE or ME with multiple profiles (more than one user) you probably know that setting a logon password for each user gives no real security. Anyone can just hit cancel or press Escape to bypass the logon prompt and gain access to that users profile. Because of this security flaw, most users prefer to avoid the prompt altogether (see Linda's article "But I Don't WANT to be Prompted for a Password!" in TechTrax,
http://pubs.logicalexpressions.com/Pub0009/LPMArticle.asp?ID=86 )

However, if you would like the idea of using the Windows logon, provided the security was greater, than read on. In this article, I will show you how you can require users to have to enter the password to gain access to the computer. Pressing Cancel or the Escape key will no longer be a way out of entering a password or a way into the computer.

This will involve a simple reg edit. If you have never edited the registry before or have little experience with it, I advise you do a registry backup first. See my article on backing up the Windows registry if you need help with this: http://personal-computer-tutor.com/vic5.htm

The first step is to go to the Control Panel, click USERS, and follow the Wizard to create a new user account and profile.

Once done, restart your computer and logon with your new user name and password. This will now become your new default logon, and a new registry key with your new user name will be created.

You can see the registry addition for your new profile here:
HKEY_USERS\.DEFAULT\Software\USERNAME
USERNAME will be a key named with the user name you created.

Now comes the actual regedit to force users to logon.
Click Start>Run and type in REGEDIT. Click Ok.
This will open up your registry.
Now make your way down to this Run key:
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\
CurrentVersion\Run

If this particular Run key doesn't exist on your system, create it.
To do so, right click the CurrentVersion key and choose New>KEY.
Name the key Run.
Right click an empty area in the right hand pane for the Run key and choose New>String Value.
Name it NoCancel.
Now double click NoCancel and enter this line for the Value Data:

RUNDLL32 shell32,SHExitWindowsEx 0

Click Ok and exit the registry.
You are now done for this first user.

To test the change, reboot your computer. When the logon prompt asking you to enter a password appears, click Cancel.  You should now see the desktop start to load but then the logon prompt should return asking you for the right password. Pressing Escape should have the same effect. The logon box will keep returning until you enter the correct password. A user will no longer be able to bypass the password by pressing Cancel. This regedit will force the user to authenticate.

Adding new users

This is extremely important. When adding a new user, you must first delete the NoCancel registry value and then re-create it after the new user profile has been created and logged on at least once with the proper password.  In other words - delete the NoCancel value, create the new user, restart your computer, logon with the name and password of the new user, and then re-enter the NoCancel value and data in the registry.  The reason for this is that if the NoCancel value is not deleted first, the new user will adapt the default NoCancel value when first logging on, before the new HKEY USER key is created in the registry. This will cause the logon box to keep reappearing despite entering the correct password, since the new password is yet to be recognized.

Notes:

1. The NoCancel value doesn't have to be named NoCancel. It can be named whatever you like.

2. In case you have trouble with not being able to log on, simply enter Safe Mode and delete the NoCancel Run value in the registry. To enter Safe Mode in 95, press F8 at bootup around the time the "Starting Windows 95.." message comes up. This will bring up the Startup Menu from where you can select Safe Mode. In 98 and Me, press the Ctrl key at bootup.

Vic Ferri owns the very popular WinTips and Tricks and Registry Answers. Subscribe to either and receive free Windows and Registry Tips. He is also in charge of the Printing Tips pages at Linda's Computer Stop. Vic has also created a program which allows you to Lock & Hide desktop folders in Windows 9X/ME. Read more and get the free demo here. And, he now offers a service to convert PowerPoint presentations to .exe files which can be viewed on computers which do not have PowerPoint installed.
 

Privacy Policy, Disclaimer, and Legal Stuff

Pay Per Click Ads by Pay Per Click Advertising by Kontera

This page was last updated on Tuesday, September 23, 2008 . copyright © 2000 - 2008, Linda F. Johnson, Linda's Computer Stop, ABC ~ All 'Bout Computers. All rights reserved.