!Win 95 Security Flaw!

**dark2k** · July 30th, 2001, 02:45 PM

I've found a Security flaw in Win95.(One of many!) On my computer if you type the password in wrong and then press cancel it will logon under that username. I think it's got something to do with the network login. NE1 know how to stop it?

**Larommi** · July 30th, 2001, 03:17 PM

Originally posted by dark2k:
<STRONG>I've found a Security flaw in Win95.(One of many!) On my computer if you type the password in wrong and then press cancel it will logon under that username. I think it's got something to do with the network login. NE1 know how to stop it?</STRONG>

wait a minute...back the M$ bashing bus up...you mean there are security holes in Windows? <IMG SRC="smilies/biggrin.gif" border="0">

Anyhow, from my experience, you might be able to log in on the profile but any passwords for like DUN are OE are disabled. Is that the case for you? As far as a password goes, security on any version of Win9X is a joke. You can cancel past the password log on and get into the machine. Security is tighter on Win2k if you ever have a desire to look into that.

If you want to lock your computer out there are some 3rd party apps that will do that for you. Sometimes you can lock your bios so you cant even boot the machine. (Not all bios have this function)

**dark2k** · July 31st, 2001, 01:09 PM

I've got Win2K Pro as well, and a neat little trick in Win95 that shuts the system down if you press cancel or log in as a new user. Problem is, I want my system locked tight and I don't want to remove Win95 just yet. All the cheap 3rd party apps I've tried are easy to get past and I'm not Bill Gates, my wallet does not weigh more than my house. <IMG SRC="smilies/biggrin.gif" border="0">

**imaeditedbysowulo** · July 31st, 2001, 05:55 PM

Your best option if you want to keep Win95 and be secure is to go into your BIOS and password protect it. You should also make sure booting to floppy or CD is disabled.

**RH0RT** · August 1st, 2001, 05:16 AM

I always figured that the Win95 logon was not actually meant as a security feature, more as a convenience thing, allowing users to have their own desktops. Even if you set up applications/etc only on certain desktops, deleting the .pwd file for that specific user, then logging back in as that user, and using any password you like, will allow you access to all that users settings, etc.

**kingtbone** · August 1st, 2001, 07:44 AM

Originally posted by RH0RT:
<STRONG>I always figured that the Win95 logon was not actually meant as a security feature, more as a convenience thing, allowing users to have their own desktops. </STRONG>

I have to agree with RH0RT. I assume that this is exactly what they had in mind when they included this feature.

**Fubarian** · August 1st, 2001, 07:51 AM

You can do this on any 9x. the "windows password" doesn't do anything from what I've seen.

Only one that matters is the network password when you want to get to shares that require it.

**dark2k** · August 1st, 2001, 02:45 PM

I'm not allowed to put a BIOS boot up password on. It's a shared computer (for Linux not Windows). I woz thinking that if I could put a password on the Win2KPro dual boot selection screen, that could work. Can I do that?

**Archer** · August 1st, 2001, 03:04 PM

You can simply set W2K to log on with password only,under the system admin log in via the control panel/security settings.
Is that what your after?

Thread: !Win 95 Security Flaw!

Thread Tools

Display

!Win 95 Security Flaw!

Bookmarks

Bookmarks

Posting Permissions