Is there any way/any software that would automatically delete and/or
securely wipe selected folders/files from the machine if a certain
password is used to log in? Say, if a user's real password is 'foo123'
and someone logs in with '23foo71', then the files would be removed.
But if 'foo132' is typed, it is treated as a normal incorrect login.

~cethiesus

I do not think you will find such software.
Anyway, how are they going to log in with the wrong password ?
It just does not work like that.

"cethiesus" > wrote in message
om...
> Is there any way/any software that would automatically delete and/or
> securely wipe selected folders/files from the machine if a certain
> password is used to log in? Say, if a user's real password is 'foo123'
> and someone logs in with '23foo71', then the files would be removed.
> But if 'foo132' is typed, it is treated as a normal incorrect login.
>
> ~cethiesus

The point is to give them access to machine without giving them
whatever they are looking for. Kind of like a bait and switch: "I gave
you the password to my machine but there is nothing you want on it
(because the password I gave you deleted it)." I'm looking to write
some security software and this is the first good idea I think I've
come up with. Just need to know if it's been done before or if it's
built in.

~cethiesus

"Roger Abell [MVP]" > wrote in message >...
> I do not think you will find such software.
> Anyway, how are they going to log in with the wrong password ?
> It just does not work like that.

I guess I am still missing the point.
One logs in with an account and password.
So why do you need to know what password was used?
If the account managed to log in it did it with _the_ password.
To know the password you would have to write a custom
gina to use in the authentication path.
Beyond that, if they log in, but stuff gets deleted before
they are given their desktop, why put the stuff there at all.
I can see maybe having something like, if account X logged
in but the password is not one of a, b, c, d, etc. then delete
this stuff. However, that does not provide any real safety
for the stuff. They can just crack in with some other account
with admin power and get at the stuff.

Roger

"cethiesus" > wrote in message
om...
> The point is to give them access to machine without giving them
> whatever they are looking for. Kind of like a bait and switch: "I gave
> you the password to my machine but there is nothing you want on it
> (because the password I gave you deleted it)." I'm looking to write
> some security software and this is the first good idea I think I've
> come up with. Just need to know if it's been done before or if it's
> built in.
>
> ~cethiesus
>
> "Roger Abell [MVP]" > wrote in message
>...
> > I do not think you will find such software.
> > Anyway, how are they going to log in with the wrong password ?
> > It just does not work like that.

Then make access from any account with that password trigger the wipe.

~cethiesus

"Roger Abell [MVP]" > wrote in message >...
>They can just crack in with some other account
> with admin power and get at the stuff.

What is the sgnificance of what the password is ?
--ra

"cethiesus" > wrote in message
om...
> Then make access from any account with that password trigger the wipe.
>
> ~cethiesus
>
> "Roger Abell [MVP]" > wrote in message
>...
> >They can just crack in with some other account
> > with admin power and get at the stuff.

One possibility...(and I'm not saying this is what you're
trying to do, but it may be part of why Microsoft has
made it difficult to do) -- It'd be a great tool for
viri, Trojan Horses, Worms, etc.

Tracy
>-----Original Message-----
>What is the sgnificance of what the password is ?
>--ra
>
>"cethiesus" > wrote in message
om...
>> Then make access from any account with that password
trigger the wipe.
>>
>> ~cethiesus
>>
>> "Roger Abell [MVP]" > wrote in
message
>...
>> >They can just crack in with some other account
>> > with admin power and get at the stuff.
>
>
>.
>

Ok...maybe if I explain how I thought of this:

I'm watching a movie and they're doing the traditional interrogation
scene where the guy is up against a wall. He has to chose between the
consequences of giving the cops what they want and not talking. In
order to give the guy a way out I thought of this scenario:

CEO/Politico/Important Guy/Etc is being
investigated/questioned/tortured and those doing the interrogation
want access to the person's computer. The guy has to give them
something, so he gives them the "trigger" password. When they use it
they gain access but find nothing. The information is protected and
those interrogating are left in doubt/have nothing to go on/etc.

I really don't see how it could used in a virus as the likelyhood of
someone entering the "trigger" password is extremely small. If the
virus made the current password the "trigger" password, then it's not
to hard to make it just delete whatever files it wants without the
whole login scheme, and using an account login for a remote
"detonation" is kinda convulated.

~cethiesus


"Tracy" > wrote in message >...
> One possibility...(and I'm not saying this is what you're
> trying to do, but it may be part of why Microsoft has
> made it difficult to do) -- It'd be a great tool for
> viri, Trojan Horses, Worms, etc.
>
> Tracy
> >-----Original Message-----
> >What is the sgnificance of what the password is ?
> >--ra
> >
> >"cethiesus" > wrote in message
> om...
> >> Then make access from any account with that password
> trigger the wipe.
> >>
> >> ~cethiesus
> >>
> >> "Roger Abell [MVP]" > wrote in
> message
> >...
> >> >They can just crack in with some other account
> >> > with admin power and get at the stuff.
> >
> >
> >.
> >

OK. So the guy is up to the wall and gives over the trigger pwd.
The Feds go to the box to log in and it fails to log them in.
What is up ? Oh darn, he forgot the Feds were coming so he
did not change the password to the trigger password.
Heck, if he had known he could have . . . .

An account can have one password.

That is you problem with this solution.

Now, what he should do is, when he first gets his machine,
define an account and use it for a while so it seems used
(of course the dates will later show it is not recently used)
and then stop using it, but define a login script for it that
del *.* in the right spots.

Now, the guy is caught by surprise, the heat is on him,
and , he forgets what the account and pwd are . . . <g>
--ra

"cethiesus" > wrote in message
om...
> Ok...maybe if I explain how I thought of this:
>
> I'm watching a movie and they're doing the traditional interrogation
> scene where the guy is up against a wall. He has to chose between the
> consequences of giving the cops what they want and not talking. In
> order to give the guy a way out I thought of this scenario:
>
> CEO/Politico/Important Guy/Etc is being
> investigated/questioned/tortured and those doing the interrogation
> want access to the person's computer. The guy has to give them
> something, so he gives them the "trigger" password. When they use it
> they gain access but find nothing. The information is protected and
> those interrogating are left in doubt/have nothing to go on/etc.
>
> I really don't see how it could used in a virus as the likelyhood of
> someone entering the "trigger" password is extremely small. If the
> virus made the current password the "trigger" password, then it's not
> to hard to make it just delete whatever files it wants without the
> whole login scheme, and using an account login for a remote
> "detonation" is kinda convulated.
>
> ~cethiesus
>
>
> "Tracy" > wrote in message
>...
> > One possibility...(and I'm not saying this is what you're
> > trying to do, but it may be part of why Microsoft has
> > made it difficult to do) -- It'd be a great tool for
> > viri, Trojan Horses, Worms, etc.
> >
> > Tracy
> > >-----Original Message-----
> > >What is the sgnificance of what the password is ?
> > >--ra
> > >
> > >"cethiesus" > wrote in message
> > om...
> > >> Then make access from any account with that password
> > trigger the wipe.
> > >>
> > >> ~cethiesus
> > >>
> > >> "Roger Abell [MVP]" > wrote in
> > message
> > >...
> > >> >They can just crack in with some other account
> > >> > with admin power and get at the stuff.
> > >
> > >
> > >.
> > >