Need Security Upgrade (software?) for XP Pro

[Mr.McNally]

Hello, Can anyone give me some instructions regarding setup of windows xp logon proceedings so that the log-in password in no longer bypassable in any way. I need a way to lock it up so tight that if I were to forget the password, I would probably die of old age before it could be cracked.

I need to get rid of this method going in and deleteing the user file to get past the log on . I need to make it so that no one can bypass my logon password encrption with a sort of tool like what one might find on Hiram's boot cd.

I was thinking that I could move some of the windows components into a truecrypt volume, where windows wouldn't work very well/if at all, until the trucrypt volume was opened.

Any and all suggestions welcome. :welcome:

[NIM]

We're just testing the PGP encryption at work. So far it seems like a very good solution. You can check it out if you like.

http://www.pgp.com/

Only admin can recover your lost key, and that admin is you. :icon_rolleyes:

[Kelsenellenelvian]

Does that prevent someone from using a "Live" CD to access the data n1k?

[NIM]

Does that prevent someone from using a "Live" CD to access the data n1k?

Nobody can access the data without the encryption code mate..

[Kelsenellenelvian]

So that program encrypts your whole drive?

[NIM]

So that program encrypts your whole drive?

Yes

[Kelsenellenelvian]

OOoOoooOOo Very cool.

[Mr.McNally]

Sounds good. I will look into it. My biggest worry about using this sort of software is that my key file might become corrupt or something gets mussed up with the encryption software, then I will be locked out of my own data.

Have you ever had to deal with this before? I am sure had backup to replace any damaged files though.

[heath28m]

I use three to four tools for this on my system.

1) Secure your BIOS settings and access with a password..and make sure that the settings do not allow anyone to boot from CD.

2) I use a program called LockMyPC. This program locks and disables drives, and usb access. You can lock your CD doors as well.

3) I also use ID Security Suite USB Lock Key. This will not allow access to the system as well and is easily deployed and undeployed using the key which can be changed often. If Either program is killed, the system locks up and you have no option to continue besides hitting the power button and restarting. When you do this then you hit the BIOS Password, and you will not have access to even use a cd or tool to change the password. To get past this you would have to reset the BIOS/CMOS Password.

4) I use PGP and when you encrypt your drives in a manner that you would have to do so on startup, then you will be waiting hours in either direction, encrypting and decrypting the drive. Not to mention the fact that you must keep the spare ISO burned to disc in the even the the PGP boot screen is damaged or altered in some way. You can however take sensitive files and protect them with the encryption. this will prevent access to these files. With the combination of the Key and some disc space you could always take your files with you as well, after shredding them off of your system. This will prevent the recovering of these files even though they no longer exist. Information and these files are still recoverable even after normally erasing with XP.

I use quite an extensive list of Tools... I also use a Program called Security Administrator which allows detailed changes to your system and I recommend it. I believe it is made by SecAgent.