I'm using a batch file to map local drive A: to another network location. The batch file prompts the user for a username, followed by a password.
How would I implement the same functionality in a popup UI instead of relying on the console? The console doesn't provide any feedback during password entry. I want something like this picture:
A UI would be more convenient for the users because they wouldn't have to retype the entirety of our standard fifteen character passwords if they've made a mistake.
Related
Hello Stackoverflow Community,
I was wondering if it would be possible to change the way a user logs in using Windows. I currently have Windows 8.
What I mean by this question is that instead of a user entering a password to log into their account or using a finger print scanner, we can have something like a matrix of numbers (like the movie) that keeps scrolling up or down. A user has to click in a certain way or combination. Or the user has to drag certain numbers over others in different columns (some sort of idea along those lines using some sort of algorithm).
Is it even possible to change the way a user logs into their account on Windows? I do have an old laptop I can mess around with.
Thank you.
Windows has 3 built-in Sign-in Options
Login using a Password
Login using a Picture Password (you login using three gestures saved on a picture)
Login using a 4 Digit PIN
Apart from this you can get rid of Windows Sign-in option by running 'netplwiz' in run box and unchecking the box that says “Users must enter a user name and password to use this computer”.
You can then use software like Eusing Maze Lock
XUS PC Lock
Also using fingerprints is possible if you have a fingerprint reader. Check if 'Biometrics\Credential Provider' registry entry for this is disabled if you are unable to get a fingerprint option in Sign-in options.
I want to implement a self reset password functionality for Windows 7 users. When the Logon screen prompts the domain users should be presented with a forgot password button which will open the password reset wizard. So the problem is how to add a command button to the standard windows logon screen?
I know about GINA in Windows XP as mentioned here:
Adding command button to Windows Logon screen
But this topic is 3 years old, and with Vista / Windows 7 Microsoft came up with "Microsoft Windows Credential Provider".
Those button are called "Tiles", and they are implemented in a Credential Provider. Anything you read about a Gina will not work in Vista or later.
Those tiles a created by the LogonUI.exe process, itself launched by Winlogon.exe. LogonUI.exe runs with high priviledges. You don't want to run anything there. Besides, any wizard you run will run under the system account. Security issues aside, anything that resets the password of the current user will not work.
But let's assume that you have a solution that can reset a user's password. Like a web site (or a local application) that :
Ask for the user's name
Ask some security questions
Connects to Active Directory to reset the password
Then here is a way to implement the functionality.
Create a user, a domain user if possible. Give it a name and a password easy to remember, like "reset" and "reset". Make shure that everybody knows the password.
Change the shell of that user to Internet Explorer, that you would be running in kiosk mode, pointing to your web application.
Now when someone wants to reset their password, here is what they will do :
Use the standard Windows Credential Provider, like they do every day, but with the user "reset" and the password "reset".
Instead of the normal Windows shell, they will be presented with your password reset web application.
The user resets their password and they are instructed to log off using CTRLATLDEL
They can log in with their own username and brand new password.
This idea can be improved upon if you are ready to write some code:
Instead of Internet Explorer, write a simple web application that wraps the web browser control. if the application is closed, or any other funny business, logoff.
Hack one of the Credential Provider samples to supply the well know password reset username and password, making password reset merely a click away
Change that password reset credential provider's image to reflect the password reset functionnality.
I have an app which asks the user for a username and password which I want to be saved (so the user doesn't have to reenter his data on every launch).
Of course I need to acces the username and password on the next application start. Can you tell me how to do it?
One more thing: the username (and pw) is saved in the AppDelegate but I need it in a different class later..
The proper place to keep a username/password is in the keychain. It's made easier with open source wrappers such as SSKeychain.
The way I suspect you want to do it is with NSUserDefaults, which you can read about in the Preferences and Settings User Guide.
Either way you can get at the information quite easily from elsewhere in your application.
But you really should do it the first way.
Give it a try and come back and ask a more specific question if you can't get it to work.
I am developing a VB.NET based application which requires administrative privileges in order to run properly. However I went through several tutorials online and it all mentioned how to do this using a mainifest file. The problem with this technique is that whenever the program is opened I need to type in the Administrator password, however I want this to happen automatically. (The user should not type the Admin password, the password must be entered from the code level)
The following code is the closest I could find, but it too does not satisfy my problem,
Dim securePass As New Security.SecureString()
Dim pass As String = "password"
For Each c As Char In pass
securePass.AppendChar(c)
Next
' If there isn't a domain, set the argument to 'Nothing', as demonstrated below.
Process.Start("testsoftware\WinKBSel\WinKBSel1003.exe", "username", pass, Nothing)
Could anyone please let me know how I could do this without requiring the user to enter the administrator password?
You would probably be best splitting the application up, if you had a back-end service that runs under an administrator account your application could use that to do stuff it requires at an elevated privilege. UAC is designed to protect the user from themselves, you can get around it by adding a backend service... but be very careful about opening up holes in this way as they could be exploited by other applications/viruses. Storing an administror password inside an application is always a bad idea as the application could be decompiled and the password extracted.
You cannot create a program that will automatically log on as a user unless the username/password is already known.
That means that you're either restricted to running on systems where your app already knows the credentials, your user has to enter the credentials into your app, or your user has to use the "Run As" functionality in Windows to use the correct user.
If what you're proposing were actually possible, it would represent a huge security hole: you'd be able to run any code as any user without requiring authentication first. That is not a good thing!
Think about it like this: if you were sold a program that would automatically log on as administrator even without your permission, how would you feel?
UAC is designed so that you cannot do what you want. UAC ensures that in order to elevate the user must pass through a UAC dialog (either the admin consent dialog or the over-the-shoulder dialog). You need to adapt your expectations to the reality of UAC.
You don't need a code for this action, UAC is made so you can automatically log on without the user's permission. What you can do is use the manifest and change the startup so when the application starts it runs as administrator and asks for permission! Change the manifest. look it up!
I'm writing an application which needs to store login data for multiple (XMPP) accounts on Windows.
Currently the application stores them in Windows' "Stored User Names and Passwords" using CredRead and CredWrite. And here is the problem: The login name for an XMPP account cannot be changed (it's the account's JID), but Windows only stores user name/password pairs under a given target name. I use something like "xmpp:account#server.tld" for the target name and don't use the user name at all during login. The user can't even set the user name from within the application (it will be set to "account#server.tld" automatically instead).
Now I would like to prevent the user name to be changed to something different by the user (using control panel or rundll32.exe keymgr.dll, KRShowKeyMgr) or an other application as this is currently possible and somehow confusing because the actual value is ignored anyway. If I open up the "Stored User Names and Passwords" dialog (using rundll32.exe keymgr.dll, KRShowKeyMgr), the entries which are created by my application are listed as "xmpp:account#server.tld (LegacyGeneric)" and can be edited using the "Edit..." button.
The list contains also an entry for Windows Live (listed as "live_account#hotmail.com (WindowsLive)"), whose user name cannot be changed (trying so will bring up a message box saying: "Windows cannot save the logon information. Make sure the information is correct and that all required fields are completed.".
And here is (finally) my question: Can I get this behavior for my application as well? How can I change the credential type to something different than "LegcyGeneric"? Or is there a better way to store only the password for a given login name (maybe using Windows Data Protection), while still using some "standard" Windows way of storing them?
Any hints and answers are appreciated.