masterpointer
Content Type
Profiles
Forums
Events
Posts posted by masterpointer
-
-
masterpointer, why have you posted two replies with only the quote from one of my replies? Enjoy, John.
I'm probably doing something wrong!?
I click on the "Quote"below the entry, type my reply (like here) and then click on the "Ädd Reply" button below.
I finf the setup a bit confusing. It would have been easier if it said: ""Reply to this Entry" and then after your reply "Submit your Reply" or something along those lines. Not sure what the "Quote" boxes mean.
Sorry if I have done it wrong.
0 -
I looked for an encrypt option in nLite Unattended and found none. I was wrong. My PW shows up in clear text in the Registry as -X- pointed out. I have found no way to keep my key from showing up there or on the installation CD. The command to set the key is in the nLite.inf (NLITE.IN_) file in the ISO. The only thing I can think of is to change the PW after installation. Perhaps I could delete the command in the nLite.inf file before the ISO is cut. Setting the EncryptedAdminPassword="No" to "Yes" in the Winnt.sif file causes Setup to stop and ask for the Administer PW. It does not effect the account I defined. I hope someone has some ideas. Enjoy, John.
EDIT: Well, I tried deleting the command to set the Registry key from nLite.inf and during the install, on the last boot, I was prompted for my PW. After this, installation completed, but when I restarted, just before the Login screen, I got a message to enter my PW, but it did not pause for me to do it. It went to the Login screen and hung with "Windows is starting..." I have a modified Login screen and perhaps this is part of the problem, but deleting the command that sets the key is not the solution.
EDIT2: I deleted the DefaultPassword key in my VM and it trashed my Auto Login. It now asks for my PW. Funny, this key does not exist in my real machine and Auto Login works. I used control userpasswords2, to setup my Auto Login in my host.
0 -
I looked for an encrypt option in nLite Unattended and found none. I was wrong. My PW shows up in clear text in the Registry as -X- pointed out. I have found no way to keep my key from showing up there or on the installation CD. The command to set the key is in the nLite.inf (NLITE.IN_) file in the ISO. The only thing I can think of is to change the PW after installation. Perhaps I could delete the command in the nLite.inf file before the ISO is cut. Setting the EncryptedAdminPassword="No" to "Yes" in the Winnt.sif file causes Setup to stop and ask for the Administer PW. It does not effect the account I defined. I hope someone has some ideas. Enjoy, John.
EDIT: Well, I tried deleting the command to set the Registry key from nLite.inf and during the install, on the last boot, I was prompted for my PW. After this, installation completed, but when I restarted, just before the Login screen, I got a message to enter my PW, but it did not pause for me to do it. It went to the Login screen and hung with "Windows is starting..." I have a modified Login screen and perhaps this is part of the problem, but deleting the command that sets the key is not the solution.
EDIT2: I deleted the DefaultPassword key in my VM and it trashed my Auto Login. It now asks for my PW. Funny, this key does not exist in my real machine and Auto Login works. I used control userpasswords2, to setup my Auto Login in my host.
0 -
[OT]
I read an interesting tidbit on one of the MSVP sites.
If you create a User w/ a blank password, WinXP and above - that is one of the more secure users...
Apparently, a Login w/ a blank password can only login locally.
So if you don't need remote login access w/ that UserName, a blank password means there is no password for someone to try to crack or gain remote access to your machine with that ID (no password, no remote access).
[/OT]
That maybe so, but I'm using a fingerprint for my secure data. We found to our horror that if we have a blank password, we could just hit Enter to gain access to all our sites!!! This is because the fingerprinter program uses the log-in password to verify that you are really "ÿou". Hence, "Ënter" becomes your "password"!
Secondly, be aware that if you have a password, but you set the boot to automatic log-on (i.e. by-passing the need for entering the password), that password becomes readable by various password reading programs (SIW and Spotmau to mention a couple). Hence, having somehow ascertained the password, you can just type in the password in lieu of the fingerprinter.
Finally, if you enter the password (or use your fingerprinter in lieu thereof) to log on after on each boot, the password becomes scrambled can no longer be found in the password reading programs. I have also searched for the password in the register, without success.
Thus if you need a "secret" password, the only way is to enter the password each time you log-on.
0 -
[OT]
I read an interesting tidbit on one of the MSVP sites.
If you create a User w/ a blank password, WinXP and above - that is one of the more secure users...
Apparently, a Login w/ a blank password can only login locally.
So if you don't need remote login access w/ that UserName, a blank password means there is no password for someone to try to crack or gain remote access to your machine with that ID (no password, no remote access).
[/OT]
hi crash&burn
I not only need a password, I also need to be able to either hide or scramble it so that no-one can read it if they should gain access.
regards masterpointer
0 -
masterpointer, that goes into a Run dialog (Start-Run...). If you want me to try to help, please read my previous replies and attach (not paste) your Last Session.ini. Enjoy, John.
Thanks Johnhc. I knew about the tweakUI but not about the Control... input. That has helped me a lot.
I've attached one of the "last session.ini" files hereto as you suggested. Do you know of any way you can hide or scramble the log-on password to that noone can read it if they gain access to the system? The reason that is important is that I use a fingerprint entry to all my various websites and accounts, but that is useless if the log-on password is readable.
0 -
sorry if I'm a bit slow. The TweakUI worked fine, but I don't understand "type control userpasswords2..."! Type where?
0 -
Thanks! TweakUI works fine (except that it says that it is "scrambled", which it doesn't appear to be), but it still doesn't explain the mystery of the seemingly random results I get when I create an XP installation via nLite with password included.
regards, masterpointer.
0 -
If you log off it normally asks for a password when you go to log in again. If you reboot or start your computer it doesn't. Is this what you're experiencing?
Not really...
When I create a new copy of XP with nLite (with the MUST HAVE password ticked), it seems to be "hit and miss" whether I need to log on by having to enter the password manually or whether it logs on automatically (with the password embedded). Whatever happens the first time I log on, will happen every time I reboot thereafter, e.g. if I have to enter password on the first log on, I will always have to enter pw (and vice versa).
My question is: How do I ensure that I can log on automatically (with a password embedded in the system), without having to manually enter that password after each reboot.
I guess it is not really a "big deal" whether or not you have a log on password, since that password is easily retrieved by anyone anyway...
0 -
hi
I joined last night and I THOUGHT that I posted this, but I can't see it, so here goes again.
Can anyone help please? I have used nLite for quite some time without any problems, but one. Whenever I include the "MUST HAVE" password tick and then enter name and a password, the installed system sometimes require you to log on with the password and sometimes it simply logs on with the password already entered for you. It seems to be completely random.
How can you build the system ensuring that you are able to log on without having to enter the password (and still have the password present)? It is no good building the system without a password and then create one afterwards. That definitely means that you will have to log on by typing the password!
0 -
hi
I have just joined today (17/06/09).
Can someone please explain when a "must have" password will appear on the log-on screen as a key entry and when it is "silent" (i.e. the password is included, but you don't have to enter it each time you log-on)? It seems to happen completely at random, whenever I create an unattended installation in nLite.
(If I create an installation without a password and then create one later, I will always be prompted for the pw whenever I log-on).
regards
masterpointer.
0
AutoLogon via nLite yields Password in the clear.
in nLite
Posted
ji johnhc
I dunno if I'll be game enough to try your script. I'm not that advanced...
However, I did try the Autologon.exe. That works more or less the same as Control usernames2 and TweakUi, in as much that you can do the same thing with all three functions. Setting the autolog-on results in the password being visible to anyone through a password finding program, whereas logging on with a password, hides it. One small twist, though. If you set the auto logon by using Autocontrol Logon, the password stays visible after the 1st reboot after resetting it to log-on with password. Only after the 2nd reboots does it become hidden again.
I guess that I'll stick to the "log-on with password"method. I can use the fingerprint pad, so it is no big deal. The important thing is that the password remains hidden whenever someone gains access.
How secure is the encryption though? Since I'm aware that it is easy for anyone to gain access to the computer without knowing the password, willl hackers and other savvy people still be able to retrieve the password? Do you know?
regards masterpointer