Do you require Ctrl+Alt+Delete at login?

Discussion in 'polls' started by luciddream, Sep 6, 2012.

  1. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    Another login question. There's a setting in Local Security Policy > Security Options: "Do not require Ctrl+Alt+Delete". Disabling it protects against keyloggers at Win Login.

    I was wondering who else utilized it. If you ask me, it's one of those things (of many) in Windows that should be used by default. But then again, those extra keystrokes may be deemed an irritant by many.
     
    Last edited: Sep 6, 2012
  2. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    Well, this was "supposed" to be a poll anyway. This is the 2'nd time this has happened to me now. Maybe I'm only allowed 1 poll a day or something?

    Anyhow, feel free to give your answers anyway.
     
  3. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,050
    Location:
    USA
    It is needed at work to log onto the domain. Otherwise it is not used. If you already have a keylogger, your setup has already failed. :(
     
  4. tomazyk

    tomazyk Guest

    No, I don't use that option. I login by clicking on user and entering my password.
     
  5. new2security

    new2security Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    492
    I use it as an extra security measure.
    Also, the UAC/secure desktop (not only graying out the background/desktop but switches the desktop entirely) setting is enabled plus a forced ctrl-alt-del.
    So when a program wants to elevate, it forces me to press ctrl+alt-del and then switches to a typical "login window".
     
    Last edited: Sep 8, 2012
  6. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    No, never used that. Just annoying imo. Just touching on any key on keyboard or mouse click to type the password is sufficient security for me. (Linux and Windows 8 has this feature)
     
  7. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Yes, I use it as well!

    Also, I disable the "Welcome Screen" and type username/pswd.
     
  8. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    Not necessarily. Measures like this, and KeyScrambler make it so that you could have a keylogger and render it moot. So just in case you had a keylogger and didn't know it for awhile, this could save you until you remedied it.

    How I could remain oblivious to a keylogger with D+ on my computer on the other hand?... dunno. Which is why I ditched KS in the end. D+ would go absolutely ape$h!^. But not at login, before it has a chance to boot up. Hence this Ctrl+Alt+Delete measure.
     
    Last edited: Sep 8, 2012
  9. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    I remember that i needed to do this every time i needed to log into my previous job PC's. :D
    I don't really have a password set on my home PC's so that would be nope. :D
     
  10. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    Yes, I use that gpedit setting on my home pc just because it's sound policy. In fact, I also use: Interactive logon: Do not display last user name
     
  11. new2security

    new2security Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    492
    Even Linux-folks want this feature:

    -http://lwn.net/Articles/363347/

    So, Windows-folks should definitely use what's readily available.
     
  12. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    Me too. And use classic view wherever I can (Control Panel, Display). And disable the "Themes" service & component... gives your setup a more old school look.

    And as another person said I also disable the last user login info. So I even have to enter my username at login.

    I personally don't find it incredibly annoying to enter a few more keystrokes. No more annoying than the 2 mouse clicks I have to make when I want to enable scripts, which happens about once a day ;) and I sleep better at night as a result.

    "sound policy", agreed. And if Linux users want it, it's good enough for me...
     
  13. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Forgive me for showing up here late. :)
    @ luciddream... could you explain to me how requiring Ctrl+Alt+Delete at logon protects against keyloggers?
     
  14. new2security

    new2security Registered Member

    Joined:
    Aug 8, 2008
    Posts:
    492
    No last login info here either. I love sound policies. I secure & treat my PC as if it were an exposed kiosk computer! Why? Because I can do it. :D

    Bling themes are enabled, but aero is disabled. I enjoyed the "Classic look" for a while, but the buttons were little too small for my taste.

    @page42 - I don't think the ctrl+alt-del sequence does protect you against keyloggers if you already have one in your system. The direct hand-shake-verify between your kernel and hardware (keyboard) that occurs when the keystroke combo is pressed shows that nothing (program or service) has intercepted the login process - at this point.
     
  15. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Can keyloggers start a computer?
     
  16. Janus

    Janus Registered Member

    Joined:
    Jan 2, 2012
    Posts:
    588
    Location:
    Europe - Denmark .
    Hello Page42

    Ctrl-Alt-Delete is a general command that will close all active application when you logon. (That's how I have understood it)
    This means that if a program is active when you logon, then it will be interrupted, and thereby should protect your password. If it works in practice, I don't know? ( I use Ctrl+Alt+Delete at logon ).
     
  17. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Thanks for the response, Janus.
    I've looked into this concept a bit deeper, and came upon a pretty good description of what happens when a user presses Ctrl+Alt+Delete at logon. It refers to Ctrl-Alt-Del as the Secure Attention Sequence, which is used to avoid Login spoofing. It now makes sense to me, however the question still remains... Can keyloggers start a computer? More specifically, if login spoofing is allowed to take place and the logon password is stolen, what can a thief do with it... remotely? Isn't physical access to the computer required? I see that Wake-on-LAN can be set up in BIOS, but I'm figuring not many users have configured their computers to do this.

     
  18. Janus

    Janus Registered Member

    Joined:
    Jan 2, 2012
    Posts:
    588
    Location:
    Europe - Denmark .
    That's a good explanation you have found,regarding secure logon. About your other question, for that I have no idea, sorry , but i will lurk in the background, and hopefully someone will come by and enlightened us.

    Regards, Janus :)
     
Loading...