Windows Pre-Login Wallpaper
Sponsored By
It's often useful to put information on the wallpaper of a Virtual Machine, or any Windows machine for that matter, that appears pre-login.
Put the full path in HKEY_USERS\.DEFAULT\Control Panel\Desktop\Wallpaper (string) via RegEdit. You can also set tiling on or off using the TileWallpaper (0|1) key in the same tree.
About Scott
Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.
About Newsletter
October 06, 2005 10:04
/me refrains from making various security-related comments... ;)
Correct me if I'm wrong, but wouldn't putting the username and password PRE-LOGIN on a virtual machine break atleast one major rule in security?
@ Greg
@ John
Probably. But it's just an example. If you look at the text of the post itself, it doesn't say anywhere that passwords on pre-login desktops are a universal good idea.
Consider servers showing the machine name and IP addres. Or a kiosk showing the nonprivileged user/password in the event of a reboot or lockout. Or the same on a client demo machine...
Scott's just showing you how to pull a trigger. It your fault if you use that knoweldge with a bazooka.
=)
@ John
Probably. But it's just an example. If you look at the text of the post itself, it doesn't say anywhere that passwords on pre-login desktops are a universal good idea.
Consider servers showing the machine name and IP addres. Or a kiosk showing the nonprivileged user/password in the event of a reboot or lockout. Or the same on a client demo machine...
Scott's just showing you how to pull a trigger. It your fault if you use that knoweldge with a bazooka.
=)
Duly noted Justin and I completely see where you're coming from.
Perhaps the example was just a bit odd to see because it's using the Administrator username and password, not the guest or non-privileged account. This concerns me because there are a lot of people out there that aren't that security conscience. They stumble across this article and think, "wow, I can do that to our production servers - what could possibly go wrong?"
I understand the trigger and bazooka analogy, I just hope others see it too.
Perhaps the example was just a bit odd to see because it's using the Administrator username and password, not the guest or non-privileged account. This concerns me because there are a lot of people out there that aren't that security conscience. They stumble across this article and think, "wow, I can do that to our production servers - what could possibly go wrong?"
I understand the trigger and bazooka analogy, I just hope others see it too.
What would be REALLY cool is if when using terminal services like this, you could LOCALLY change the login wallpaper for this type of thing (i.e. the login wallpaper is stored on your local machine and is used/overlaid on the remote session login screen). Then security is SLIGHTLY less of an issue. However, you can't so I'll just shut up. :)
Maybe Scott knows exactly what he's doing and that machine is his Honeypot. ;)
Given the context (Virtual PC), I don't think this is a big security issue. Not something you'd want to do on an externally reachable server, but it works well for a local sandbox.
This is great, I can see this being enormously useful in our organisation. On a side note it is kinda funny how a post about wallpapers turns into a debate about security.
I've seen real useful stuff on peoples screens and wallpaper including things like IP addresses, gateways, computername, dns, etc. Does anyone know where that software might be found? I've seen it used in test labs mostly.
Comments are closed.