You can try this, as you see it can be bypassed. Further down is a trick that will work, however I don't recommend it unless you are a very experienced user.
Require Network Validation Before Allowing Windows Access
===================================================
Setting this option will require that users logging on to a Windows 95 or 98 machine must first authenticate through the network before being granted access to the local desktop. (Note: This will not effect docking stations when they are undocked.) To set this option, go to:
HKLM\Network\Logon
and create the value "MustBeValidated" (REG_DWORD) and set the value to 1 to require validation, or set the value to 0 to allow users direct access to the desktop without authenticating through the
network.
NOTE: This setting can be circumvented. If this setting and the "Don't show last user at logon" setting is enabled, a user can bypass the validation restriction by entering a bogus domain name in the Domain Logon box. When a
non-existent domain is entered, instead of receiving an error message, the user is prompted for a local logon, which can be bypassed by pressing ESC.
See Microsoft KB article Q178979 for more information. Microsoft has a released a fix that can be obtained by contacting MS support directly, but it has not been fully regression tested.
You can also add;
HKLM\Software\Microsoft\Windows\CurrentVersion\Winlogon
add string value;
LegalNoticeCaption
and
LegalNoticeText
Whatever you type between the "quotes" will show before the user gets a chance to login.
One is for what is printed on the Windows Box and the other is what is printed within the box.
==============================================
Do not attempt any of the following unless you are a very experienced user.
Let's not mince words: The Windows log-in dialog box sure is ridiculous. It sits there, asking for a user name and password. If supplied with a user name it hasn't seen before, Windows lets the stranger in. If someone wants to provide no information at all, they can simply press Escape. Granted, Windows 9x was not designed to be a secure operating system, but wouldn't it be nice if there were a simple way to ensure that only certain user name and password combinations could get past that log-in box?
Hack the Registry just a bit, and you can control who logs on to your PC. Before performing this hack, however, take the following important setup steps, or you may lock yourself out of your own PC.
You must begin by enabling user profiling on your system. Select Start, Settings, Control Panel, double-click Passwords, and click the User Profiles tab. Select the option "Users can customize their preferences and desktop settings." Also place checkmarks in front of both checkable options. Select OK.
Now create an account for yourself. From the Control Panel, double-click Users and use the wizard to add a profile for yourself. If there is no Users icon in your Control Panel, you're running the original version of Windows 95, and need to take the following step instead: Choose Start, Shut Down, select "Close all programs and log on as a different user," and click OK. When the log-in dialog box appears, enter a new user name and password. Type the password again when Windows asks for confirmation.
Now you're ready to hack the Registry. Start by navigating to the following key:
With the Run folder selected, select Edit, New, String Value. Type GoAway and press Enter to give the value a name. Now double-click GoAway and enter rundll.exe user.exe,exitwindowsexec. rundll.exe user.exe,EXITWINDOWS. Click OK. That's it--you can close RegEdit now.
The next time the Windows log-in box appears, you can log in with the user name and password you assigned yourself. If anyone presses Escape or enters a new user name and password, however, Windows will think it over for a bit, and then immediately log them out, returning them to the log-in dialog box.
This method is not foolproof--a savvy Windows user can probably find a way around such a minimal security strategy. But it is certainly enough to keep casual snoops out.
=============================================
Another similar way:
There is a way to set things up that offers protection against a user hitting Cancel or
just typing in a new username at the Windows logon prompt. If all you want to do is
protect against unauthorized Windows access, You can do this...
1) Run Regedit.
2) Go to, and open, the
HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run key.
3) In the right-side pane, right-click, and create a new string value called NoDefLog (it
could be another name if you wish).
4) Doubleclick on this new key and enter the string (exactly) rundll.exe user.exe,EXITWINDOWS
5) Close Regedit.
What this does is set up a situation for the Default User, which is what you are if you hit Cancel at logon, where they are immediately exited from Windows. When a new user
is created, by typing in a new username in the logon prompt box at logon, they inherit this key, which will cause them to be exited from windows also.
The only note on this is that if you are actually maintaining a multi-user system (profiles), then you want to remove the above registry key/entry temporarily before
creating the new user.
For added safety I created this vb script:
which you can put on the desktop to try it out.
============BEGIN CUT=====================
Dim WSHShell
Set WSHShell = WScript.CreateObject("WScript.Shell"
WSHShell.Popup "Delete value HKCU\Software\Microsoft\Windows\CurrentVersion\Run\NoDefLog"
WSHShell.RegDelete "HKCU\Software\Microsoft\Windows\CurrentVersion\Run\NoDefLog"
Sub Welcome()
Dim intDoIt
intDoIt = MsgBox(L_Welcome_MsgBox_Message_Text, _
vbOKCancel + vbInformation, _
L_Welcome_MsgBox_Title_Text )
If intDoIt = vbCancel Then
WScript.Quit
End If
End Sub
================END CUT======================
i just have a question regarding the above solution, would it allow someone to boot in safe mode and re-edit the registry settings ?
any feedback will greatly be appreciated.
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.