Ad: Manage updates with the Download App
ie8 fix

Windows XP forum: One-time password solutions?

by: Michael45512 August 18, 2012 12:57 PM PDT

Like this

0 people like this thread

Staff pick

Resolved question

One-time password solutions?

by Michael45512 - 8/18/12 12:57 PM

Hello,

Does anyone know any software that implements one-time password options? Here is my situation:

Some guest computers access resources on the file/print server (runs Windows XP). In order to access the resources on the network, they must enter the guest account and password. Because only I know it, I enter it for them.

The risk is that when I enter the password, the guest computer could have malicious software that stores the password for later use. By having the password change every time they log off, it would be difficult to gain unauthorized access.

How do I apply OTP to this situation? Thank you.


Michael45512 has chosen the best answer to his/her question!
Click here to view the answer that was selected.

Answer This
Ask for clarification
Report offensive post
Email to friend
Answers
Answer Best answer as chosen by user Michael45512

Is This A Daily Occurance?

by Grif Thomas Moderator - 8/19/12 4:07 PM

In Reply to: One-time password solutions? by Michael45512

The problem with allowing server access to outside computers is it creates a big security problem.. With critical data, most organizations don't allow such. In the government agency that I worked for, only individuals with network user credentials had the option to access the network and any file/print computers, and they could ONLY use our own networked computers. In addition, we identified SPECIFIC printers or folders which were required for each user and set up sharing so only that SPECIFIC user could access the desired printer or folder. They couldn't simply roam around at will on the server.

Unfortunately, you don't mention how often this occurs...with how many different users.... whether these are stationary or mobile computers, etc. It all makes a difference. And unfortunately, if you install a program that updates a password each time a guest logs off, it because almost impossible for the network admin (YOU) to keep track of any password changes. If the access is only occasional, and you have admin rights, you could change the password immediately after each use by an outside guest. It's also important to make sure the guest computers only have "read" access and not "read/write" when setting up sharing.. If the require "read/write", then you better make sure the guests are well documented and accounted for.

Hope this helps.

Grif


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

I'll clarify.

by Michael45512 - 8/19/12 6:18 PM

In Reply to: Is This A Daily Occurance? by Grif Thomas Moderator

The majority of the computers are mobile. Usually the guest requests access at least once every day. In order to access the printer, they have to connect to the file/print server. They have to log on to an account labeled "guest-print". Once logged on, they are given access to the printer only. The only permission that is allowed is "print".


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

If They Can Only Print, Is There Really An Issue?

by Grif Thomas Moderator - 8/20/12 10:56 AM

In Reply to: I'll clarify. by Michael45512

If you've locked things down so only printing is allowed, then is there a real problem, even if the password is known and remembered?

I've not used such a password program because all our networks are extremely secure and don't allow access to outside users.... but since you allow guests to access your printers, is there really a security issue other than these same guests might be able to print any time they want?

Hope this helps.

Grif


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

There is an issue.

by Michael45512 - 8/20/12 11:28 AM

In Reply to: If They Can Only Print, Is There Really An Issue? by Grif Thomas Moderator

If the guests print at will, they will use countless amounts of paper and ink, and it will drive costs up. That's why I'm looking for one-time password software.


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Printing quotas?

by Steven Haninger - 8/21/12 3:37 AM

In Reply to: There is an issue. by Michael45512

I believe that is possible.


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Let's stick to the point.

by Michael45512 - 8/21/12 10:30 AM

In Reply to: Printing quotas? by Steven Haninger

All I am looking for is one-time password software, so when the client computer logs off the server with the guest account, the password will change.


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

When people try ...

by Edward ODaniel - 8/21/12 8:59 PM

In Reply to: Let's stick to the point. by Michael45512

to help with possible alternative solutions because they do not know or cannot find exactly what YOU WANT there is no need to be RUDE.

Try this one:
http://www.softpedia.com/get/Security/Security-Related/OTPLS.shtml

This would work but you would have to revert to an earlier version of NT as XP came without the POSIX sub-system:
http://www.cl.cam.ac.uk/~mgk25/otpw.html

Here is a shopping list of potential solutions for your edification:
http://www.google.com/search?q=one+time+password+guest+logon


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

(NT) My apologies...I'll bow out

by Steven Haninger - 8/22/12 3:21 AM

In Reply to: Let's stick to the point. by Michael45512


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

I didn't intend to be rude and abrupt.

by Michael45512 - 8/22/12 9:41 AM

In Reply to: (NT) My apologies...I'll bow out by Steven Haninger

I may have said it in the wrong way.


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend
Answer Best answer as chosen by user Michael45512

While I've not felt the need to do this, I know you can

by Steven Haninger - 8/20/12 2:39 AM

In Reply to: One-time password solutions? by Michael45512

set passwords to expire after some period of time but I'm not certain what the shortest increment would be. Have you checked into that? It would be found in group policy under password expiration.


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

I've heard of that...

by Michael45512 - 8/20/12 6:49 AM

In Reply to: While I've not felt the need to do this, I know you can by Steven Haninger

...but that means I have to set a manual password every time. I'm looking for software that automatically changes the password every time a guest logs off.


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Re: password

by Kees_B Moderator - 8/22/12 3:35 AM

In Reply to: I've heard of that... by Michael45512

If that software resets the password, how would you know what it had become? That would be necessary for you to type it in for the next user.

Why not write a batchfile or so to change it? See http://www.petri.co.il/change_user_password_from_the_command_prompt.htm
Then make a 'log-off' link at the desktop that first calls that batch file, then logs off.

Somewhat more advanced: write a program that makes that batchfile with some smart algorithm (such as incrementing it each time) and run that in the logoff-batch.

Kees


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

I've started with a batch script.

by Michael45512 - 8/25/12 7:07 AM

In Reply to: Re: password by Kees_B Moderator

Now, I need to find a way to copy portions of the command-line to a secure location. Here is the code:

@echo off
net user "guest-print" /random


Was this reply helpful? (0)   (0)

Staff pick

Reply
Report offensive post
Email to friend

Forum Icon Legend

  • UnreadUnread
  • ReadRead
  • Locked threadLocked thread
  •   
  •   
  •   
  •   
  •   
  •   
  •   
  • ModeratorModerator
  • CNET StaffCNET Staff
  • Samsung StaffSamsung Staff
  • Norton Authorized Support TeamNorton Authorized Support Team
  • AVG StaffAVG Staff
  • avast! Staffavast! Staff
  • Webroot Support TeamWebroot Support Team
  • Acer Customer Experience TeamAcer Customer Experience Team
  • Windows Outreach TeamWindows Outreach Team
  • DISH staffDISH staff
  • Dell StaffDell Staff
  • Intel StaffIntel Staff
  • QuestionQuestion
  • Resolved questionResolved question
  • General discussionGeneral discussion
  • TipTip
  • Alert or warningAlert or warning
  • PraisePraise
  • RantRant

You are e-mailing the following post: Post Subject

Your e-mail address is used only to let the recipient know who sent the e-mail and in case of transmission error. Neither your address nor the recipient's address will be used for any other purpose.

Sorry, there was a problem emailing this post. Please try again.

Submit Email Cancel

Thank you. Sent email to

Close

Thank you. Sent email to

Close

You are reporting the following post: Post Subject

If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

Offensive: Sexually explicit or offensive language

Spam: Advertisements or commercial links

Disruptive posting: Flaming or offending other users

Illegal activities: Promote cracked software, or other illegal content

Sorry, there was a problem submitting your post. Please try again.

Submit Report Cancel

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

Your message has been submitted and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.

Close

You are posting a reply to: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Duplicate posts are not allowed in the forums. Please edit your post and submit again.

Submit Reply Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close

You are requesting a clarification of the question: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Submit Clarification Request Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close

You are posting an answer to the question: Post Subject

The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to the CNET Forums policies for details. All submitted content is subject to CBS Interactive Site Terms of Use.

You are currently tracking this discussion. Click here to manage your tracked discussions.

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

Sorry, there was a problem submitting your post. Please try again.

Sorry, there was a problem generating the preview. Please try again.

Submit Answer Preview Cancel

Thank you, , your post has been submitted.

> Click here to view your post. > Manage your tracked discussions. > Track this discussion. Close

Thank you, , your post has been submitted and will appear on our site shortly.

Close
close

Click here to be notified via e-mail when someone submits an answer.

Would you like to resolve this question? close

Based on your response, it looks like this question has been answered.



Sorry, there was a problem resolving this question. Please try again.

Resolve Leave unresolved