Wednesday, April 19, 2006
Why do I have to press CTRL+ALT+DELETE to logon
Why don't the logon screen just appears directly without having to press
this combination ?
As Keith Brown says in his book "A .NET Developer's Guide to Windows
Security" . Always Asking the user for his password trains the user to
always type his password whenever asked. And since it can be any
malicious code asking the user for his password so logon screens must be
kept to minimal.
The Sequence of CTRL+ALT+DELETE can only be traced by Kernel mode , so
this is a clear message from the user to the OS that "I need to type my
password to logon". This Sequence cannot be tracked by user mode. So try
seriously to use the logon user account instead of asking him.