If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
Password requested
WinXP with SP2, no problems in use for 18 months or so,
configured for one Administrator (with password) and one ordinary user (no password.) An anomaly now occurs (twice in 10 days) requesting a password for User login. Simple CR does not work. Rebooting works, i.e. enables User login directlly, with no request for password. This is by itself no problem: but does it point to some future problem? -- Don Phillipson Carlsbad Springs (Ottawa, Canada) |
Ads |
#2
|
|||
|
|||
Password requested
Don Phillipson wrote:
WinXP with SP2, no problems in use for 18 months or so, configured for one Administrator (with password) and one ordinary user (no password.) An anomaly now occurs (twice in 10 days) requesting a password for User login. Simple CR does not work. Rebooting works, i.e. enables User login directlly, with no request for password. This is by itself no problem: but does it point to some future problem? Looks like we have to make some guesses here, which a - The "anomaly" occurs on the "ordinary user" account that has no password. - The "anomaly" occurs during the login to the "ordinary user" account. - That auto-login is NOT used to automatically log into the "ordinary user" account. This requires a non-blank password (so something can actually be automatically entered at login). - That the "ordinary user" account is not in the Administrators group (i.e., that it is a Limited or Power user account). - That the user is logging onto a local account and not under a domain account. Same thing happen when you boot into Safe Mode for Windows? What happens if you do NOT use a blank password? Try changing the password to a non-blank string. Have you check the "ordinary user" account does not expire its password? Run the Local User and Groups policy editor (lusrmgr.msc), Users node, and look at the properties for the "ordinary user" account. http://www.theeldergeek.com/blank_pa...ork_access.htm Is this host used at both home and work? That is, is it, say, a laptop that the user takes back and forth from home? If so, are they selecting the proper network in the drop-down listbox on the login screen to ensure that when at work they are logging onto the domain and when at home they are not (and so are logging on locally)? Note: While some users claim that a blank password reduces security, that is true only at the host itself but actually improves security regarding remote access to that host. If you decide to change this "ordinary user" to have a non-blank password, be sure it is a STRONG password. Read: http://www.labnol.org/software/tutor...-attacks/2517/ http://www.microsoft.com/protect/you...rd/create.mspx The flip-side is that if you are their tech that needs to help the user remotely (using RDP, LogmeIn, TeamViewer, VNC, or whatever) then you can't connect when they have a blank password for their accounts, including the Administrator account. Since you said the Administrator account has a non-blank password, make sure it is a STRONG password. Also, scheduled tasks cannot run using an account that has a blank password. Something to think about should the user (or admin) decides to run scheduled tasks under that account. Many anti-virus or other security programs utilitize the Task Scheduler service to run their scheduled scans. |
Thread Tools | |
Display Modes | |
|
|