Results 1 to 5 of 5
  1. #1
    New Lounger
    Join Date
    Dec 2009
    Thanked 0 Times in 0 Posts

    Unauthorised user on Windows 7

    I have windows 7 on a pc that is only for my use.
    My wife claims that one of the people sharing my apartment is capable of overridding the password and use the computer.
    Is there a way to stop this? If not is there a way to follow-up on uses of the computer.
    Thank you.

  2. #2
    Super Moderator CLiNT's Avatar
    Join Date
    Dec 2009
    California & Arizona
    Thanked 608 Times in 556 Posts
    Yes, it is possible for someone with a Linux boot disk to overide your admin password...unless you have made a password for the recovery console upon first clean install.

    *You may also have more security related options in the BIOS. I recommend reading through your computers documentation, or going online to the manufacture and see what you can find from them.

    *You might be able to, depending upon how suave the user is, to get an idea of their browsing habits by opening the index.dat file from within the IE browser cache. You would first need to unhide usually hidden files in explorer.

    *If you highly suspect malicious activity like spying, or flat out steeling, you may need to do a thorough and complete antivirus and anti malware scan. .Also run through your computer's startup routines to ensure there has been nothing added. It's a bit extreme, but the last thing you want on your system is a key logger.

    *Look carefully through your installed programs root directories and verify the programs you know you installed against those that are listed in the "programs and features" section of the control panel.

    *Do the same thing with all your running processes in the services section of "admin tools" and task manager.

    *Your basically looking for things that shouldn't be there, the better you know your system, the easier this will be.
    Last edited by CLiNT; 2012-04-27 at 03:51. Reason: Additions

  3. #3
    Lounge VIP
    Join Date
    Apr 2011
    Thanked 134 Times in 115 Posts
    If you have suspicions that somebody is physically attacking the machine you could set a BIOS password as CLiNT says, but those can also be overcome with the correct utility disk. A better approach would be to deploy whole disk encryption, such as True Crypt. This encrypts every byte of data on the hard drive and requires the user to enter a unique and complex password at boot time: before Windows loads. Without the password, the machine will not boot into Windows from the hard drive.

    It is possible to boot it from a Linux Live CD, bu the hard drive is still encrypted and cannot be read.

    When deploying whole disk encryption, one must always build a rescue disk that enables decryption of the drive in case of hard ware issues or emergencies. If that rescue disk is accessible to a person physically attacking the machine they may be able to obtain full access to the drive and your data.

    If malware has been injected onto the machine prior to securing it with whole disk encryption, that malware will still be active and could still be stealing your data. So, prior to deploying whole disk encryption, follow CLiNT's advice to ensure the machine is clean.

    On a related tack, if somebody is suspected of physically attacking the machine, you also should consider the network connection and router. If they have access to the PC, they have access to your network and could sniff data. Usernames and passwords can be discovered if not encrypted in transit. They could also attack the router to divert traffic from genuine sites to compromised locations.

    Finally, consider the possibility that an attacker may already have discovered sensitive usernames and passwords and take steps to change these on important sites as soon as possible using an independent machine.

  4. #4
    Join Date
    Mar 2001
    St Louis, Missouri, USA
    Thanked 1,029 Times in 902 Posts
    First rule of security - you must have physical of the object you want to secure.

    If you do not you can't guarantee security all you can do is make it fairly inconvenient for a hacker.


  5. #5
    Gold Lounger Maudibe's Avatar
    Join Date
    Aug 2010
    Pa, USA
    Thanked 621 Times in 566 Posts

    It is not clear when you say "override" as to whether the attacker has hacked your password or is bypassing the logon screen. The first thing I would do is change your password to a very difficult combination of letter/number/symbols/caps until you can find out the technique used. In addition to what other members have suggested, I would also disable the guest account, disable USB/optical drives on boot up (within BIOS), disconnect any ext SATA ports, and password protect the BIOS as well. Since this person lives in your apartment, have you approached him/her? As a temporary measure to prevent stolen sensitive data, if this is a laptop, last resort would be to disconnect the battery and take it with you along with the power adapter and lock it down with an anti-theft cable. You can secure a desktop by pulling the 4 pin power connector from the mother board and locking the case. Lastly, I would get rid of any roommate that violated my privacy. What he is doing is illegal; threaten him with that!

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts