Roomate annoyance...

[czech09]

Well somehow my roomate figured out how to get into my Windows on my comp even though I have a password on it all I know is he logs in as "administrator" and somehow gets in is there some trick to that or what should I do to make sure he can't get in?

Thanks...

 

[FreakyGuy]

Log off and hit ctrl-alt-del a few times until a logon window comes up. Type in 'administrator' in the user and hit ok. Then go to control panel --> user accounts. Select Administrator and then create password.

 

[Zugzwang152]

You have the default Administrator account unprotected. This account doesn't appear by default on the Welcome screen. You can boot into safe mode, log in as the Administrator account, then set a password. Do this before he does.

 

[stash]

Change the password on the administrator account and make it a strong password? Don't write it down...don't tell anybody what it is.

Make it a minimum of 7 characters with a mix of capital and lowercase, numbers and symbols, or even better use a passphrase. For example: The quick brown fox jumped over the lazy dog! is a good passphrase, except for the fact that it is well known (ie, make up your own).

 

[mechBgon]

1) Right-click My Computer, select Manage, go down the tree to Users & Groups > Users, right-click the Administrator account, and give it a strong password. This account isn't normally used, so feel free to make it NICE and strong :evil: Example: OMGNO'PUTER4U!!!1! ought to do it

While you're there, make sure there aren't any extra Admin-class accounts besides the built-in Administrator one and your own.

2) If it's Windows XP, scan for viruses and spyware, then upgrade to Service Pack 2 if you didn't already. I'm not a security pro, but I think SP2 may restrict logging on locally as Administrator.

3) Change your own password if it's not "strong." czech09@AT for example, hard to forget that one and yet it's not dictionary, has numerals, a symbol and caps. And long enough to hold off brute-force approaches for a while, or one hopes so.

4) Sit your roommate down with your TA and discuss it. Why isn't he/she using his/her own computer, is a question that comes to mind.

5) Remember to get a Single room next semester

6) You may want to create a brand-new Admin-class account that's password-protected and which you ONLY use when you actually need Admin-level power. Then bring your own account down to Limited and see if your software is OK with that. This would mean that even if your roommate walks in and finds your account logged on and unguarded, he/she cannot change the Administrator account's password, nor create a new Admin-class account for him/herself, nor change YOUR password either. Because your Limited account wouldn't posess those capabilities.


Hope that helps

 

[mechBgon]

Holy swarms 'o assistance, Batman! :Q err.... fourth!

 

[stash]

I'm not a security pro, but I think SP2 may restrict logging on locally as Administrator

Errm...no?

XP (all versions) does restrict access over the network by default. If you create an account with a blank password, that user can only log on locally, at the console. Accounts with blank passwords cannot access the computer over the network.

But that doesn't really apply here.

 

[mechBgon]

Thanks for the info

 

[VirtualLarry]

Steal room roomate's beer out of the fridge in retribution. When he complains, sit him down and make some mutually-respecful ground-rules. There isn't very much you can do in terms of security that will be effectively in the face of someone with physical access, that is dedicated enough to "hack into" your machine, short of a hardware-level IDE encryption card, with a hardware dongle that you pull out and take with you during the day while you are out of your dorm room.

 

[czech09]

Thanks fellas.

 

[MercenaryForHire]

I'm fully aware that this is OS and not OT, but I'm going to have to recommend a solid heatbutt to the bridge of the nose, then tell him to quit f***ing with your computer or you'll tattoo (insert your sneaker brand here) backwards across the back of his head.

Or you could talk to your RA.

- M4H

 

[RVN]

Hey czech09 buddy!!! ...how'd you find out man? I'm sorry man, I won't do it again ...thought I was cool with you.




Just threaten the guy within inches of his life. These are the important lessons to learn in the real world.

Violence! Violence! ...it's the only thing that will make you see sense! ---Ian Hunter

 

[Jeff7]

And make the security changes soon - he could permanently lock you out of the computer if he's got Administrator level access.

You could also have fun, and rename the system Administrator user, and make another user, with the name Administrator, but only give it low-level user-level or Guest rights. This is of course risky, as you might leave a security hole open somewhere that he could get through, but it could be fun to toy with him. Maybe save that for after you learn more about security. :evil:

Also, maybe consider a BIOS password, set to be entered every time the computer is turned on. Yeah it's mildly annoying for you, but it'll keep him out of the computer - unless he pops the case open and uses the CMOS Reset jumper.

 

[RelaxTheMind]

windows xp security is weak by far. iYou could do the "administrator name change" to be funny. but if it were me id put a monitoring service like a keylogger and monitor what the hell he/she does on your computer such as capturing their passwords and accounts. sometimes you can find out interesting things when you play dumb. then again im not sure of the legalities of that.

Or I would take a nice detailed picture of my bare ass and blow it up in the background of the administrator account. the humorous things you can do are endless. hehe

 

[talyn00]

you might want to disable bootable devices too, floppy, cd drive, etc. he can reset your passwords if he was ambitious enough to use the NT password reset disk

 

[stash]

windows xp security is weak by far

:disgust:

 

[Codewiz]

I would change the name of the Administrator account to something he wouldn't guess.

 

[Budman]

Like Jeff7 said I would just set a bios password for you to enter at pc boot-up.

 

[superkdogg]

Originally posted by: Budman
Like Jeff7 said I would just set a bios password for you to enter at pc boot-up.

Either that or punch him in the eye! That usually solves unauthorized access problems.
:beer:

 

[Sunner]

Many good tips here, but I'd still start out by beating him up.

 

[imported_JFG]

put naked pics of his girlfriend as wallpaper for your computer

 

[imported_brad]

Originally posted by: czech09
Well somehow my roomate figured out how to get into my Windows on my comp even though I have a password on it all I know is he logs in as "administrator" and somehow gets in is there some trick to that or what should I do to make sure he can't get in?

Thanks...

i would like to make a suggestion outside the box so to speak. you might want to look at moving your system into a case that has a lockable front panel. I have an Antec Soho II file server and it comes with a nice little front panel that locks so unwanted users cant physically push the power button unless they break open the door (or pick the lock). Since its a home box though, i have removed the door.

but yes, to re-iterate, give your administrator a password, set your screensaver to pop up a login screen too if you can.

 

[MNKyDeth1]

Don't forget the guest account. Now, I havn't ever used windows XP but I know win2kpro and previous versions of windows have a guest account wich is enabled aswell. Make sure you either turn that off (disable) or password that aswell. If you really want your room mate to stay out of your comp you really have to set a password in your bios like previously mentioned, an F8 into safe mode makes your comp easily accessable aswell, to a point where he could re-add a user and such if he knew what he was doing.

Also, if you guys share the same network get yourself a good firewall, there are lots of access points on a windows machine over the network. You may want to change your user password if you had one set before as if he had admin access he may have peeked at your password.

If this was a really computer savvy person and you are afraid he/she might try to get back into your comp you may want to do some frequent backups. All it takes is a quick swipe to that registry and the comp is basically lost and a re-install is needed.

 

[VirtualLarry]

One further solution - sell your current PC to your roommate (make sure to gouge him on the price a bit), since he so badly wants to use it, and then buy a laptop for yourself, and then take it with you when you leave. Ok, not really the greatest solution, especially if you have any "attachment" to the current machine, but there is an opportunity here for ... profit!!!

 

[NiKeFiDO]

you guys are forgetting the most important thing!

mess with your roomies computer! look @ pron!!

jk, thats totally not following the golden rule thing.....