Password

Archived from groups: microsoft.public.windowsxp.general (More info?)

My Son and I are both set-up as Administrator on our home PC. My son was
able to log on under his name, go to User Account, cnahge my account log on
password and log back in under my name with full access to "My Documents"
Folder. Why? how can I stop this.
15 answers Last reply
More about password
  1. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Maybe you can limit his access to controlpanel via Group Policy?

    Start > Run > gpedit.msc

    UserConfiguration > Admin. templates > Control Panel > prohibit access
    to control panel

    You should test this with both your user and your son's user since it
    very well might affect both.

    To skip this setting for your user change your rights to the file
    "C:\WINDOWS\system32\GroupPolicy\GPt.ini " to deny all. Of course this
    will prevent you from altering the grouppolicy too, but since you can
    just change your rights right back to read+modify this will be no big
    problem.

    And of course if your Son knows how to do this, he can too(as he is
    admin) if he is allowed to open the gpedit.msc. Therefore you may want
    to change his rights so that he can't run
    C:\WINDOWS\system32\gpedit.msc <--- this file
  2. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Maybe there is an even better way
    once again via gpedit.msc

    Start > Run > gpedit.msc

    >From there

    UserConfiguration > Admin. templates > Control Panel > Hide specified
    controlpanel applets

    Add: nusrmgr.cpl

    This will allow him to use everyting in the controlpanel except the
    user account managment

    There are ways around this as well, you will of course need to secure
    the same way as above, still it will not be waterproof.
  3. Archived from groups: microsoft.public.windowsxp.general (More info?)

    aybe there is an even better way
    once again via gpedit.msc

    Start > Run > gpedit.msc

    >From there

    UserConfiguration > Admin. templates > Control Panel > Hide specified
    controlpanel applets

    Add: nusrmgr.cpl

    This will allow him to use everyting in the controlpanel except the
    user account managment. However if he start the nusrmgr.cpl from
    explorer(c:\windows\system32) he will be allowed to open it and change
    whatever he wants. You might want to change his rights according to
    this file too. I'm not sure if he change his own rights to this file
    then? Check it out!

    There are ways around this as well, you will of course need to secure
    the same way as above, still it will not be waterproof.
  4. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Nelsonace wrote:
    > My Son and I are both set-up as Administrator on our home PC. My son was
    > able to log on under his name, go to User Account, cnahge my account log on
    > password and log back in under my name with full access to "My Documents"
    > Folder. Why? how can I stop this.

    Your son accessed your files the stupid way. Since you've made him Admin
    (bad move if he can't be trusted), he could have just read your My
    Documents files w/o changing your password (and thus tipping you off)

    Anyway, some options:

    1. Enable EFS on your My Documents folder

    (Windows Explorer > C:\Documents and Settings\<user> > right click on My
    Documents > Properties > General > Advanced > Encrypt contents to secure
    data)

    2. Use some other encryption software, like PGP
  5. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Z wrote:
    >> My Son and I are both set-up as Administrator on our home PC. My son
    >> was able to log on under his name, go to User Account, cnahge my
    >> account log on password and log back in under my name with full access
    >> to "My Documents" Folder. Why? how can I stop this.
    >
    >
    > Your son accessed your files the stupid way. Since you've made him Admin
    > (bad move if he can't be trusted), he could have just read your My
    > Documents files w/o changing your password (and thus tipping you off)
    >
    > Anyway, some options:
    >
    > 1. Enable EFS on your My Documents folder
    >
    > (Windows Explorer > C:\Documents and Settings\<user> > right click on My
    > Documents > Properties > General > Advanced > Encrypt contents to secure
    > data)
    >
    > 2. Use some other encryption software, like PGP

    One more thing ... when you write "how can I stop this?" I assume you
    mean stopping him from reading your files.
  6. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Only by changing his account to a "limited" account via Control Panel > Add
    / Remove Programs

    Jon


    "Nelsonace" <Nelsonace@discussions.microsoft.com> wrote in message
    news:F5DE6A74-B5A3-4B22-846A-2EE92B0D3917@microsoft.com...
    > My Son and I are both set-up as Administrator on our home PC. My son was
    > able to log on under his name, go to User Account, cnahge my account log
    > on
    > password and log back in under my name with full access to "My Documents"
    > Folder. Why? how can I stop this.
  7. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Sorry. Typo.

    Control Panel > User Accounts

    Jon


    "Jon" <Email_Address@SomewhereOrOther.com> wrote in message
    news:OqUaIWPuFHA.2076@TK2MSFTNGP14.phx.gbl...
    > Only by changing his account to a "limited" account via Control Panel >
    > Add / Remove Programs
    >
    > Jon
    >
    >
    > "Nelsonace" <Nelsonace@discussions.microsoft.com> wrote in message
    > news:F5DE6A74-B5A3-4B22-846A-2EE92B0D3917@microsoft.com...
    >> My Son and I are both set-up as Administrator on our home PC. My son was
    >> able to log on under his name, go to User Account, cnahge my account log
    >> on
    >> password and log back in under my name with full access to "My Documents"
    >> Folder. Why? how can I stop this.
    >
    >
  8. Archived from groups: microsoft.public.windowsxp.general (More info?)

    As long as he doesn't discover the "net user" command line command ..... :)

    Jon


    "matsr" <mostue@gmail.com> wrote in message
    news:1126683657.441105.130300@g47g2000cwa.googlegroups.com...
    > Maybe there is an even better way
    > once again via gpedit.msc
    >
    > Start > Run > gpedit.msc
    >
    >>From there
    >
    > UserConfiguration > Admin. templates > Control Panel > Hide specified
    > controlpanel applets
    >
    > Add: nusrmgr.cpl
    >
    > This will allow him to use everyting in the controlpanel except the
    > user account managment
    >
    > There are ways around this as well, you will of course need to secure
    > the same way as above, still it will not be waterproof.
    >
  9. Archived from groups: microsoft.public.windowsxp.general (More info?)

    "Nelsonace" <Nelsonace@discussions.microsoft.com> wrote in message
    news:F5DE6A74-B5A3-4B22-846A-2EE92B0D3917@microsoft.com
    > My Son and I are both set-up as Administrator on our home PC. My son
    > was able to log on under his name, go to User Account, cnahge my
    > account log on password and log back in under my name with full
    > access to "My Documents" Folder. Why? how can I stop this.

    There's no watertight way of doing this.
    You have two options: get a removable HDD , put all your data on that ,
    remove it and lock it away when you finish on the machine, or, go to a
    properly secure Operating system such as a Linux distro.
  10. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Z wrote:

    > Nelsonace wrote:
    >
    >> My Son and I are both set-up as Administrator on our home PC. My son
    >> was able to log on under his name, go to User Account, cnahge my
    >> account log on password and log back in under my name with full access
    >> to "My Documents" Folder. Why? how can I stop this.
    >
    >
    > Your son accessed your files the stupid way. Since you've made him Admin
    > (bad move if he can't be trusted), he could have just read your My
    > Documents files w/o changing your password (and thus tipping you off)
    >
    > Anyway, some options:
    >
    > 1. Enable EFS on your My Documents folder
    >
    > (Windows Explorer > C:\Documents and Settings\<user> > right click on My
    > Documents > Properties > General > Advanced > Encrypt contents to secure
    > data)
    >
    > 2. Use some other encryption software, like PGP

    EFS won't work if the son can login to the father's account. Then efs
    is transparent.

    --
    Rock
    MS MVP Windows - Shell/User
  11. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Rock wrote:
    >> Anyway, some options:
    >>
    >> 1. Enable EFS on your My Documents folder
    >>
    >> (Windows Explorer > C:\Documents and Settings\<user> > right click on
    >> My Documents > Properties > General > Advanced > Encrypt contents to
    >> secure data)
    >>
    >> 2. Use some other encryption software, like PGP
    >
    >
    > EFS won't work if the son can login to the father's account. Then efs
    > is transparent.
    >

    Unless I misread the orig. post, the son can only login to the parent's
    acct by changing the password on the parent's acct. Forcing a new pw
    from another acct should leave EFS secure. Right?
  12. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Nelsonace wrote:
    > My Son and I are both set-up as Administrator on our home PC. My son was
    > able to log on under his name, go to User Account, cnahge my account log on
    > password and log back in under my name with full access to "My Documents"
    > Folder. Why?


    Because you've granted him administrative privileges. That's the same
    as giving him a blank check and dropping him off at the mall.


    > how can I stop this.


    1) Teach your son some manners and proper respect for your property and
    privacy.

    2) Make you son's account a Limiter User. Monitor his computer usage
    closely.

    3) Don't forget to put a strong password on the built-in Administrator
    account.


    HOW TO Create and Configure User Accounts in Windows XP
    http://support.microsoft.com/default.aspx?scid=kb;en-us;279783

    HOW TO Set, View, Change, or Remove File and Folder Permissions
    http://support.microsoft.com/default.aspx?scid=kb;en-us;q308418

    HOW TO Use the Internet Explorer 6 Content Advisor to Control Access
    to Web Sites in Internet Explorer
    http://support.microsoft.com/default.aspx?scid=kb;en-us;310401

    Protect Your PC
    http://www.microsoft.com/security/protect/default.asp

    For some requirements, you may find it easier to invest in a
    3rd-party solution, such as NetNanny or CyberPatrol.

    You need to be aware, however, that *NO* technical or software
    solution is 100% child/fool-proof, and _none_ can ever adequately take
    the place of live adult supervision. If you cannot trust your son to
    safely/properly use the computer without supervision, you may have to
    consider limiting his access to it.


    --

    Bruce Chambers

    Help us help you:
    http://dts-l.org/goodpost.htm
    http://www.catb.org/~esr/faqs/smart-questions.html

    You can have peace. Or you can have freedom. Don't ever count on having
    both at once. - RAH
  13. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Only/Best solution is buy him the $299 Dell weekly special.
    Then lock your own PC down, Boot Password, Single user,
    password protect the Administrator account. You can play
    the "Cat-&-Mouse" security (Stay out of My Account) game
    but it seldom if ever works.

    "Rock" <rock@mail.nospam.net> wrote in message
    news:OQMd0AYuFHA.2008@TK2MSFTNGP10.phx.gbl...
    >Z wrote:
    >
    >> Nelsonace wrote:
    >>
    >>> My Son and I are both set-up as Administrator on our home PC. My son
    >>> was able to log on under his name, go to User Account, cnahge my account
    >>> log on password and log back in under my name with full access to "My
    >>> Documents" Folder. Why? how can I stop this.
    >>
    >>
    >> Your son accessed your files the stupid way. Since you've made him Admin
    >> (bad move if he can't be trusted), he could have just read your My
    >> Documents files w/o changing your password (and thus tipping you off)
    >>
    >> Anyway, some options:
    >>
    >> 1. Enable EFS on your My Documents folder
    >>
    >> (Windows Explorer > C:\Documents and Settings\<user> > right click on My
    >> Documents > Properties > General > Advanced > Encrypt contents to secure
    >> data)
    >>
    >> 2. Use some other encryption software, like PGP
    >
    > EFS won't work if the son can login to the father's account. Then efs is
    > transparent.
    >
    > --
    > Rock
    > MS MVP Windows - Shell/User
    >
  14. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Z wrote:

    > Rock wrote:
    >
    >>> Anyway, some options:
    >>>
    >>> 1. Enable EFS on your My Documents folder
    >>>
    >>> (Windows Explorer > C:\Documents and Settings\<user> > right click on
    >>> My Documents > Properties > General > Advanced > Encrypt contents to
    >>> secure data)
    >>>
    >>> 2. Use some other encryption software, like PGP
    >>
    >>
    >>
    >> EFS won't work if the son can login to the father's account. Then efs
    >> is transparent.
    >>
    >
    > Unless I misread the orig. post, the son can only login to the parent's
    > acct by changing the password on the parent's acct. Forcing a new pw
    > from another acct should leave EFS secure. Right?

    No I don't think so. Any administrator can change the password on any
    account. Once logged into the account, EFS is transparent.

    --
    Rock
    MS MVP Windows - Shell/User
  15. Archived from groups: microsoft.public.windowsxp.general (More info?)

    Rock wrote:
    >> Unless I misread the orig. post, the son can only login to the
    >> parent's acct by changing the password on the parent's acct. Forcing
    >> a new pw from another acct should leave EFS secure. Right?

    > No I don't think so. Any administrator can change the password on any
    > account. Once logged into the account, EFS is transparent.

    http://support.microsoft.com/default.aspx?scid=kb;en-us;290260

    EFS, Credentials, and Private Keys from Certificates Are Unavailable
    After a Password Is Reset
    ....
    CAUSE
    This issue can occur if the password was forcefully reset by an
    administrator or owner, instead of being changed by the user.

    RESOLUTION
    NOTE: For any of the following resolutions to work, the user's original
    account must still exist, and the user's profile must be present and
    unchanged since the user last had access to the data.

    To recover all of the data, you must have one of the following:

    o The original password. This is the password with which the user last
    logged on successfully and was able to access their credentials and files.

    o Password Recovery Disk (PRD). This password recovery disk must have
    been created while the user had access to the files.
Ask a new question

Read More

My Documents Microsoft Windows XP