Sign in
Microsoft.com
 
Microsoft
 
 
 

locked
Secure Autologon? RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    Sorry my English is bad...

    I use some Applications the cant run as a Service the need a Win Logon.
    The huge problem is the Server stay in a "Public" Server hosing Area who everybody has access to.
    I know thats insane but i need a second place to store my Personal Data secured.

    There is my question how can i make a secure Auto Logon?

    THX

    Saturday, December 1, 2012 2:52 PM

Answers

  • Question
    Sign in to vote
    0
    Sign in to vote

    I think you might also want to consider creating a separate limited user account for your applications to run within, and then log in with that account.  If the apps need access to specific resources, it is usually possible to grant this access to the account without leaving your server as vulnerable by running as the admin.

    Another strategy is to run your apps within a VM. Depending on what you are running this can be workable.  There are ways of running both VMware and VirtualBox VMs as services on Windows, so that you can keep your VMs running without having an active session on the server.

    • Marked as answer by James Xiong Thursday, December 20, 2012 2:42 AM
    Sunday, December 2, 2012 4:02 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    You can post a link, but I will still recommend emphatically that you do not configure your server to leave any user, even a limited user as Gary Voth has suggested, logged in to the server desktop all the time. In order to allow that logged in user the minimum rights it would need to be able to run whatever applications it needs to, it would still have sufficient rights to put your data at increased risk.

    You would be better served seeing if you can find an equivalent to whatever application you're looking at that can run as a service. 

    I'm not on the WHS team, I just post a lot. :)

    • Marked as answer by James Xiong Thursday, December 20, 2012 2:42 AM
    Sunday, December 2, 2012 4:25 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    ... There is my question how can i make a secure Auto Logon?

    The best I can think of is to set up a screen saver, set it to require a password when exiting the screen saver, and then use a very secure password for the account (no words, at least 8 characters, characters from at least 3 of these groups: upper case, lower case, numbers, special characters, and nothing that's related to relatives, birthdays, anniversaries, etc.).

    But any IT pro will tell you this is not a secure way to run your server, and that they recommend strongly against pursuing any approach that results in an account being logged in to the server's local desktop all the time.

    I'm not on the WHS team, I just post a lot. :)

    Saturday, December 1, 2012 11:13 PM
  • Question
    Sign in to vote
    0
    Sign in to vote
    But any IT pro will tell you this is not a secure way to run your server

    I know that's my problem...
    I thought I can use a client-server authentication? Not a Domainlogon but something similar?

    Maybe a Hardware Token?
    I found a very interesting solution.
    Can i post a link?

    Saturday, December 1, 2012 11:34 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    I think you might also want to consider creating a separate limited user account for your applications to run within, and then log in with that account.  If the apps need access to specific resources, it is usually possible to grant this access to the account without leaving your server as vulnerable by running as the admin.

    Another strategy is to run your apps within a VM. Depending on what you are running this can be workable.  There are ways of running both VMware and VirtualBox VMs as services on Windows, so that you can keep your VMs running without having an active session on the server.

    • Marked as answer by James Xiong Thursday, December 20, 2012 2:42 AM
    Sunday, December 2, 2012 4:02 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    You can post a link, but I will still recommend emphatically that you do not configure your server to leave any user, even a limited user as Gary Voth has suggested, logged in to the server desktop all the time. In order to allow that logged in user the minimum rights it would need to be able to run whatever applications it needs to, it would still have sufficient rights to put your data at increased risk.

    You would be better served seeing if you can find an equivalent to whatever application you're looking at that can run as a service. 

    I'm not on the WHS team, I just post a lot. :)

    • Marked as answer by James Xiong Thursday, December 20, 2012 2:42 AM
    Sunday, December 2, 2012 4:25 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Sorry my English is bad...

    I use some Applications the cant run as a Service the need a Win Logon.
    The huge problem is the Server stay in a "Public" Server hosing Area who everybody has access to.
    I know thats insane but i need a second place to store my Personal Data secured.

    There is my question how can i make a secure Auto Logon?

    THX

    Look at this autologon tool after secured logon you can launch your software automatically.
    Sunday, December 23, 2012 8:12 PM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Sorry i was busy at this time.
    I talking about this product: http://www.identive-infrastructure.com/en/products-solutions/smart-card-solutions/concerto/secure-rfid-windows-logon-sso

    I need a Client/ Server login solution. When the PC is stolen with the ID Card and the Card Reader nobody should have access to this PC.



    • Edited by Momo_German Saturday, January 5, 2013 9:36 PM
    Saturday, January 5, 2013 9:31 PM