pimmo2000

iTrader: (6)

I need to work out how to set my Networked PC to only allow me to log on. I have development user rights so I can access regedit etc.. but just need an idea what to change ?

Luminous

iTrader: (3)

Is just passwording your account too simple?

pimmo2000

iTrader: (6)

My account is passworded.. but I want my PC to only allow my log in !

HankScorpio

start
run
secpol.msc

expand local policy, user rights
Set "allow logon locally" to yourself and if you don't want to **** people off - "administrators".

pimmo2000

iTrader: (6)

Oh sir you are a GOD

HankScorpio

nah, geek maybe...

pimmo2000

iTrader: (6)

What about making it refuse certain log ins ?

pimmo2000

iTrader: (6)

Deny log on locally... ****ing magic

Luminous

iTrader: (3)

I must have missed the point here somewhere.

I got the impression you were talking about your own personal networked PC. In which case removing any spurious accounts (apart from admin and your own) then making sure they are passworded it job done

HankScorpio

I'm guessing shared networked pc in an office (shifts..?).

Secpol is very powerful and it's not smart so will only do what you tell it with no sanity check so a little caution required, it can end in tears and rebuilds....

Luminous

iTrader: (3)

oh yeah, been there...done the rebuild

If it is in an office, if there is no physical security then there are various ways to gain access. I have never been in the cracking scene, but I do know that there are tools that fit onto a USB pendrive that can allow a knowledgable user to gain access.

If its your files that are on the machine that you need to secure, you need to actually encrypt them. Relying on windows to do the job is not sufficient. If someone resets the admin password, they can take ownership of your files, even if you use Windows encryption.