Secure Logon Password

gatsu38

Estimable
Mar 12, 2015
4
0
4,510
Hello everybody, the secure Logon is that Logon you make when you have to press ctrl-alt-del then you need to type your username and password. Is it possible to have a Username and Password only for this Logon? I explain better: I ask if there is the possibility to have a username and password which actually don't belong to any account on the OS, like a combination only for the logon?
 
Solution
I don't think what you're trying to do would avoid that.

You can always get the usernames; they're stored in plain text and there's no way around that.

Reversing the hashes on the passwords is difficult, but possible. Especially if you're using short passwords.

Your best bet is to use something like Active Directory, and not cache/store the passwords on the local machine.

However, if you're booted into another OS, there really is no reason to need the password. You have complete access to everything on the PC. Encryption is more useful.
The only account in windows not tied to an account is the System account.
Any other account created has a account on the PC, now you don't have to use that login to access your own account, you can have an admin account and use it on a non-admin login in order to have privileged access to an application.

As someone somewhere asked, what is it you are trying to do. You might be able to give you better information then.
 

gatsu38

Estimable
Mar 12, 2015
4
0
4,510
I heared that there are some operating systems you can boot instead of the one on the hard disk on the computer. This operating systems can find your Username and passwords, I want to avoid this.
 
I don't think what you're trying to do would avoid that.

You can always get the usernames; they're stored in plain text and there's no way around that.

Reversing the hashes on the passwords is difficult, but possible. Especially if you're using short passwords.

Your best bet is to use something like Active Directory, and not cache/store the passwords on the local machine.

However, if you're booted into another OS, there really is no reason to need the password. You have complete access to everything on the PC. Encryption is more useful.
 
Solution
My mistake, I read the snippet from what Toms sends me in my email and did not read the full post so I did not see the last part about wanting to avoid it.

Using bitlocker and encrypting the entire drive is about your only real defense at the local machine level.
You can setup security through active directory, but that only goes so far. Using the right tools I can load a boot disk, create my own local administrator account and then gain access to whatever I want.