How do I set windows to perform auto login? - windows

Windows has a feature that allows an administrator to perform auto-logon whenever it is started. How can this feature be activated?

Based on the advice, moved the answer to the answers section:
There are tools out there that give you a GUI for setting this easily, but you can also do it relatively easily by editing the registry.
Under the following registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
Add the following values:
DefaultDomainName String < domain-name >
DefaultUserName String < username >
DefaultPassword String < password >
AutoAdminLogon String 1
Important: Using auto-logon is insecure and should, in general, never be used for standard computer configurations. The problem is not only that your computer is accessible to anyone with physical access to it, but also that the password is saved in plain-text in a well known location in your registry. This is usually used for test environments or for special setups. This is even more important to notice if you intend to perform auto-logon as an administrator.

If you don't want to store the clear-text password in the registry, use this method:
Start -> Run
enter "control userpasswords2"
disable checkbox "Users must enter a user name and password to use this computer"
click "OK"
enter a valid user name and password that is used for auto-logon

Related

VS - how to set a general setting to all app's instances?

I'm trying to set a general password to my app, which means every user will have the same password to enter.
I've tried using the Project's settings - [Application.Current.Setting.Default.settingName] for the password - but then each user [in his own installed app on his PC] would have his own password, and that's not what I'm looking for.
Is there a way to set a 'general' setting to all app's instances? My project uses VSTS as well, if there's an option from there.
(I see there's a service called 'Web settings', is that it? If so, would you give me an usage example?)
Thanks!
The good way is that you can store password (can be encrypted) in the configuration file, such as app.config, web.config, then read it from configuration file before use it.
You may replace the password before deploy your app through Replace Token step (VSTS build/release)

How to retrieve a saved ftp password from phpStorm?

I know that technically, this question should be asked on phpStorm's forums, but being a popular IDE (I bet an eventual solution would also work for other popular IDEs from JetBrains), I'm thinking:
someone on SO might know and share the answer (faster than I'd get it from vendor)
the question answer might be useful and valuable to other coders (for that matter, even if I shall need to go on the vendor's forum I will get back with the answer here, when I find it)
If there is any need of context: I accidentally switched the connection type of a saved connection from ftp to local folder and when I switched back, the saved credentials were gone.
The question: Can I retrieve the saved password...
Angle 1: ...from this computer?
Angle 2: ...from another computer that has the same credentials saved, which I could access via TeamViewer, but has the password ●●●●●●(hidden)?
Edit: This method can only be used in the version of 2016.1 or before. For newer version (probably 2016.2), they changed the encode method. There is no clue for me to decode it.
Open C:\Users\.WebIde100\config\options\webServers.xml
Find your FTP and get the encrypted password from the password attribute.
Decrypt the password. I have written a PHP script to decrypt the string:
$pwd = "Your encrypted password here.";
$decrypted = '';
while (strlen($pwd) > 0) {
$decrypted .= chr(hexdec(substr($pwd, 0, 4)) ^ hexdec('dfaa'));
$pwd = substr($pwd, 4, strlen($pwd) - 1);
}
echo $decrypted;
If you trust my tools, you can use https://louislam.net/phpstorm-decrypt-password
If you use KeePass database file to store passwords, you can easely set password for that file, save and then open in KeePass manager, or migrate to other PHPStorm.
Go to Settings/Preferences | Appearance & Behavior | System Settings
| Passwords, enter new master password and save.
Open /.PhpStorm2017.1/config/c.kdbx (in "Keepass 2" or "Keeweb") with saved master password.
Here it is!
See answer here
Retrieve saved (hidden) SSH password from PhpStorm 2017.1
One way that just worked for me was to install Wireshark.
Use a capture filter of 'ftp', and do a "Test connection" inside PHPStorm.
Now stop the capture and examine what you've sniffed. The password will be in there.
I know this is a 1 year old question, but for everyone else, you can try to copy the selected (hidden) password with CTRL+C, and paste it in a text document (tested with 2016.3 on Debian).
For OSX users
Open keychain -> select the System Roots keychain (on the left side) -> search for IntelliJ.
If you click it you will see the ftp-username in the "Account" field. You can also use right click on the records to copy the password.

Remotely turn off Sharing Wizard in Windows 7

I am trying to figure out the registry key in Windows 7 that will turn off Sharing Wizard for a computer (not just a user).
Is this the key?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SharingWizardOn
But here is my problem, there are many values, and I don't know which one to change to Disable the Sharing Wizard on the Windows 7 computer
Which key do I change to 0?
First, it isn't the key
HKEY_USERS\<userId>\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SharingWizardOn
but the REG_DWORD value called SharingWizardOn in the key:
HKEY_USERS\<userId>\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
Second: replacing <userId> in the above path with .DEFAULT will only set it for new user accounts subsequently created (HKEY_USERS\.DEFAULT is used to initialise the new user's registry settings).
To set it for all users you need to change for each existing user profile. This can be done by setting for each user (represented by their security ID – SID – rather than their user name). Iterating through all the subsekeys of HKEY_USERS that *do not end with _Classes would work.
Here the value looks like this in regedit (for my account, hence the path starting HKEY_CURRENT_USER which is just an alias for HKEY_USERS\<My Account SID>):
Yes sure, you are rigth!
Apply For all users
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\SharingWizardOn
Just change ..
CheckedValue to 0
And thats all
You do not need to restart!

Need to disable Sticky Keys for every account on computer

With a program that I'm working on, I have a need to be sure that keyboard access features like Sticky Keys is disabled for everyone.
I have code that can:
Change the active setting for the current user (enable or disable). This only affects the current user when they are logged in and is not something that is permanently set.
Change the registry setting for the current user (disabling by setting HKCU\Control Panel\Accessibility\StickyKeys\Flags to "506"). This only affects the current user's registry entry and will make sure that the settings are set for each time they log into Windows.
Change the registry setting for the ".DEFAULT" user in a similar way as item 2. This means that any new account that is set up on the computer will have Sticky Keys and the hot key for it disabled by default.
What I don't know how to do is to go about changing the setting for all of the existing users whose settings are in the registry when they are not logged in. Essentially, I want to be sure that Sticky Keys are disabled for them. Is there a convenient way that I can parse the registry for all existing user accounts and change that setting?
I Understand Your Problem, the answer is too long to post here,
Please Read this and it i think you will have your answer
let me know how you go
PS, The Link is safe and virus free, don't worry
DISABLING STICKY KEYS FOR ALL USERS
One Last thing, i thought might be useful in your situation
Please be advised that, when you Access a Hidden File called "Default" Under Users
C:\Users\Default
BE REALLY CAREFUL HERE (this file is critical)
Any Changes or settings made to this file will affect all users and all Future User Accounts

Is there a quick and easy way to dump the contents of a MacOS X keychain?

I'm looking for a way to dump (export) the contents of an OS X keychain into a file that I can easily process elsewhere, such as tab-delimited plaintext or something of the sort.
The Keychain Access app does not offer any such functionality, and getting a key's data involves opening each in turn, and having to type in the keychain's password to see the password stored with the key, every time.
After a bit of digging, I found somebody's solution by using AppleScript and the Keychain Scripting app to access keychains (can't link to individual post; scroll down about two thirds to the end of the page):
http://discussions.apple.com/thread.jspa?threadID=1398759
Using Keychain scripting, you can access all data fields of all the keys – including the plaintext password! – and it's fairly easy to dump this data into a text file etc. I've tested it and it works well.
However, this solution still involves having to confirm access to each key by clicking OK on a dialog. This is much better than having to type in the keychain's password every time, but it's still irritating. Furthermore, you have to confirm access twice for each key; once for Script Editor (or the script itself if it's running as an app) and once for Keychain Scripting. So, if you're processing a keychain with 100 keys, you have to manually click OK on 200 dialogs.
I'm now looking for a solution to get around this. I realize that as it's the purpose of keychains to safeguard the sensitive data and prevent precisely the kind of thing I'm trying to do, any such solution would probably involve some kind of hack.
I'd be very interested in your ideas!
Allright, I'm stupid. There's a command-line tool called security that does just this (and lots of other actions on keychains).
An example usage:
security dump-keychain -d login.keychain
This will dump all the data in the login.keychain (the default keychain for a user) as plaintext, including the passwords. You still have to confirm access , but only once for each key, and it's much faster than (and doesn't throw weird errors when trying to access certain fields) using AppleScript. And it's no hack.
Without the -d option, it will dump all the fields except for the password.
The dumped data for a key looks like this (for an internet key; program keys and certificates have other fields, but the format is the same):
keychain: "/Users/<username>/Library/Keychains/login.keychain"
class: "inet"
attributes:
0x00000007 <blob>="tech.slashdot.org (<username for this web login>)"
0x00000008 <blob>=<NULL>
"acct"<blob>="<username for this web login>"
"atyp"<blob>="form"
"cdat"<timedate>=0x32303038303432333038323730355A00 "20080423082705Z\000"
"crtr"<uint32>=<NULL>
"cusi"<sint32>=<NULL>
"desc"<blob>="Kennwort des Web-Formulars"
"icmt"<blob>="default"
"invi"<sint32>=<NULL>
"mdat"<timedate>=0x32303038303432333038323730355A00 "20080423082705Z\000"
"nega"<sint32>=<NULL>
"path"<blob>=<NULL>
"port"<uint32>=0x00000000
"prot"<blob>=<NULL>
"ptcl"<uint32>="http"
"scrp"<sint32>=<NULL>
"sdmn"<blob>=<NULL>
"srvr"<blob>="tech.slashdot.org"
"type"<uint32>=<NULL>
data:
"<the plaintext password for this key>"
Please read this: https://gist.github.com/rmondello/b933231b1fcc83a7db0b
Ignore:-----
I found a sollution to the "Always Allow" dialog in each key!
Just run the previous command with sudo.
sudo security dump-keychain -d login.keychain
This way you'll only need to enter your password two times. One on the Terminal to sudo and another to unlock the keychain! ;)
Have a nice day!
Update, there is now a tool that does this nicely:
Keychaindump is a proof-of-concept tool for reading OS X keychain passwords as root. It hunts for unlocked keychain master keys located in the memory space of the securityd process, and uses them to decrypt keychain files.
Source: https://github.com/juuso/keychaindump
Actually I was just looking for the same:
Modified applescript from github somebody posted. To be run in ScriptEditor and must be allowed in Preferences & Security.
set keychainPassword to "yourpasswordgoeshere"
tell application "System Events"
repeat while exists (processes where name is "SecurityAgent")
tell process "SecurityAgent"
delay 0.1
try
set value of text field 1 of window 1 to keychainPassword
click button "Allow" of window 1
end try
end tell
end repeat
end tell
You must click each window separetly in order to activate them. For that I used tool "murgaa auto clicker" I had known from runescape many years ago (http://www.murgaa.com/auto-clicker-mac/ seems still active). You just set shortcut for autoclicking (eg. Command+R) and set timer to 10ms and it works like charm.
Keysafe
Keysafe reads and decrypts Apple Keychain files. Use Keysafe to securely access your passwords and credentials without a Mac.
I wrote a tool called Keysafe to extract the contents of Keychain files. The tool is available on Mac, Windows, and Linux.
Keysafe is not free; a licence is required to fully decrypt a Keychain. Without a licence the contents are still extracted but the decrypted values are partially redacted and secure notes are not post-processed into RTFD files.
If you have a Keychain that does not "just work" with Keysafe, please get in touch. The Keychain format is expansive and finding edge cases is always interesting.
I found solution for not clicking "Allow" multiple times
sudo su
security dump-keychain -d /Users/YourUsername/Library/Keychains/login.keychain

Resources