home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
CD ROM Paradise Collection 4
/
CD ROM Paradise Collection 4 1995 Nov.iso
/
database
/
mltlck10.zip
/
MULTLOCK.TXT
< prev
next >
Wrap
Text File
|
1994-12-08
|
15KB
|
276 lines
Windows Multi-Lock Version 1.0, Dec. 1994
Registration
Installation
Setting up Username-Password combinations (multiset.exe)
Using the Password Dialog (multlock.exe)
Recommended Usage
Further Windows Security Options for Program Manager
Installation
To Install Windows Multi-Lock simply copy the files multlock.exe, multiset.exe, and multlock.hlp to any
directory in your PATH. The most obvious choice is the c:\windows directory. When this is done you are
ready to setup your initial password. This is done by running multiset.exe.
You can run these executables from the Run command in Program Manager or File Manager but a
preferred method would be to create an entry for each one in an existing or new program group. This
information is available in the Windows documentation.
The multiset.exe program will write out files that contain username-password information. These files will
be written to the directory defined by the environment variable WINLOCK. An example of how this
environment variable should be set in the autoexec.bat file is as follows. The windows directory does not
have to be used, any directory you wish may contain the files used by these two programs.
SET WINLOCK=c:\windows
Setting up Username-Password combinations (multiset.exe)
To correctly use Windows Multi-Lock, an explanation of the username-password scheme is needed.
There are two types of username-password combinations: admin and user. An admin username-password
combination should be assigned to the controlling user of the system to be protected since this username-
password has the privilege to add and delete users, assign users to executables, and to execute any
executable on a system no matter if the admin username is assigned to it or not. The admin username-
password combination is analogous to the UNIX super-user or an administrator account on Windows NT.
There is only one admin username-password combination on a system and it will be the first one defined.
A user username-password combination will be initially added by the admin and the executables that this
user has privileges to execute will also be defined by the admin. The user can modify his own password,
but this is the only control the user is given.
To set up the admin username-password and any additional username-password combinations, multiset.exe
must be executed.
Run multiset.exe
The dialog will appear to setup Windows Multi-Lock:
When this dialog appears for the first time it will prompt you to define the admin username-password.
Once this is done, the admin username-password must be entered whenever multiset.exe is executed to
perform any actions other than changing a user's password.
The cursor will be positioned in the Admin. Username field when this dialog appears. Once the admin
username has been typed, press TAB to proceed to the Admin password field and type the admin
password. After the admin password has been typed press ENTER. The software will notify you if the
username-password was entered correctly and if it was, then you may continue with any of the pull down
options under FILE.
Change User Password
When the FILE - Change User Password option is chosen, the Windows Multi-Lock Change Password
dialog will appear. This dialog allows any user to change his password, if the old one is known.
The cursor will be positioned in the username field when this dialog comes up. Type in the username
desired and then press TAB. This will take you to the old password field. Type in the current password
associated with the username and then press TAB to proceed to the new password field. Type in the new
password desired and then press TAB again. Type in the new password again to confirm your change and
then press ENTER or OK to accept the change. Press Cancel if you do not wish to change the password.
Add New User
When the FILE - Add New User option is chosen, the Windows Multi-Lock New User dialog will appear.
This dialog allows the admin to add a user to the system.
The cursor will be positioned in the username field when this dialog comes up. Type in the username
desired and then press TAB. This will take you to the password field. Type in the password desired for the
username and then press TAB to proceed to the password confirmation field. Type in the desired password
again to confirm it and then press ENTER or OK to accept the it. Press Cancel if you do not wish to add
this user the password.
Delete Username
When the FILE - Delete Username option is chosen, the Windows Multi-Lock Delete Username dialog will
appear. This dialog allows the admin to delete selected users from the system.
When this dialog appears, the all the current usernames on the system will be displayed in the list below the
username field. The first username in the list will always be the one that is recognized by the software as
the admin password. To delete a user, simply select the username you wish to delete and press the select
username button. When a username is selected, it will be displayed in the username field and the associated
password will also be displayed. This is also a way for the admin to examine the passwords of the various
users on the system. Press Cancel if you do not wish to delete any usernames.
Executable/Username Assignment
When the FILE - Executable/Username Assignment option is chosen, the Windows Multi-Lock
Executable/Username Assignment dialog will appear. This dialog allows the admin to add or remove users
to a specified executable. When a username is added to an executable, this user then has privilege to
execute this executable. This is assuming that the executable is protected by multlock.exe as detailed in the
Recommended Usage section.
The cursor will be positioned in the executable field when this dialog comes up and the currently existing
usernames will all be displayed in the available usernames list. Type in the name of the executable desired
in the executable field. When you complete typing in the name of the executable, you may begin assigning
users and setting the entrap option, do not press RETURN. If you have previously defined some users
and/or the entrap option for the executable you specified, the defined users and the selected entrap option
will be displayed. You may add a username by highlighting an available user and pressing the add button.
You may remove a username by selecting an assigned username and pressing the remove button. You do
not have to define any users for an executable to save this form. This is often the case when you only wish
the admin to have a particular access and you also wish the cursor entrapped. Once the desired users are
assigned to the specified executable and the entrap option is set as desired, press OK to save the settings.
Using the Password Dialog (multlock.exe)
Run multlock.exe
The dialog will appear to enter a username-password combination:
The cursor will be positioned in the username field when this dialog comes up. At this type in a password
previously defined using the Setup Windows Multi-Lock Dialog. Pressing the TAB key after the password
is typed will take you to the password field where the password associated with the username should be
typed. Pressing ENTER after typing the password has the same result as selecting the OK button. If an
incorrect password is entered then a warning dialog will appear. If a correct username-password was
entered the dialog will dismiss.
If the Entrap Cursor option was selected on the Setup Windows Multi-Lock Dialog then the Cancel button
will be disabled and the cursor will be restricted to the Password Dialog until the proper username-password
is entered. If the Entrap Cursor option was not chosen then the Cancel button will dismiss the Password
Dialog.
The multlock.exe program can be run without any command line arguments to lock the system when using
the Entrap Cursor option. It can also be run with command line arguments to run another executable when
the correct password is given. The command line arguments will include the name of the executable and
any arguments it may require.
To password protect Microsoft's Paintbrush you would enter the following in the command line field of the
Properties Dialog for Paintbrush:
multlock.exe pbrush.exe
If you wished to bring up Paintbrush with a bitmap:
multlock.exe pbrush.exe example.bmp
Recommended Usage
Windows Multi-Lock can be used in a variety of ways.
To lock the system quickly.
By having a readily available icon that executes the Password Dialog with no command line arguments, you
can lock your system quickly. The Entrap Cursor option must be selected for this to be effective. Unlike
some screen savers with passwords, Windows Multi-Lock can be initiated when desired and since it is not
a screen saver it will allow you to lock your system and still have your favorite screen saver selected for
normal usage.
To give users the privilege necessary to unlock the system, you must assign their username to the
multlock.exe executable itself. Use the Executable/Username Assignment under the FILE menu on the
Setup Windows Multi-Lock Dialog to assign a username to an executable.
To password protect programs.
By changing a programs command line field in the Properties Dialog to include multlock.exe before the
program name you can password protect that program. This will not prohibit a user from executing the
program using the Run command of Program Manager or File Manager, modifying the Properties, or
modifying program groups. To further protect a system, restrictions can be placed on Program Manager
and the File Manager itself should be protected with the Password Dialog.
To give users the privilege necessary to execute a program, you must assign their username to the
executable itself. Use the Executable/Username Assignment under the FILE menu on the Setup Windows
Multi-Lock Dialog to assign a username to an executable.
To password protect the system at startup.
By placing the multlock.exe program in your startup with the Entrap Cursor option enabled, you can
prevent someone from simply restarting windows to get around a password.
These steps should protect a system from unauthorized access by the majority of users, but they are by no
means crack proof.
Further Windows Security Options for Program Manager
By adding a section to the progman.ini file in the windows directory you can further protect your system.
The Restrictions section, [Restrictions], disables some capabilities of the Program Manager environment.
The following entries can appear in the [Restrictions] section:
Entry Meaning
NoRun= Specifies whether to disable the Run command on the File menu. If this entry is set to 1,
the command is disabled. If this entry is set to 0, the Run command is enabled. The default is 0 (enabled) if
no value is specified.
NoClose= Specifies whether to prevent the user from exiting Program Manager through the File
menu, the System menu, the ALT+F4 accelerator, or the Task List. If this entry is set to 1, exiting is
prevented. If this entry is set to 0, exiting is allowed. The default is 0 (allowing exiting) if no value is
specified.
NoSaveSettings= Specifies whether to disable the Save Settings on Exit command on the Options menu. If
this entry is set to 1, the Save Settings on Exit command is disabled. If this entry is set to 0, the command is
enabled. The default is 0 (enabled) if no value is specified.
NoFileMenu= Specifies whether to disable the File menu and all of its commands. If this entry is set to
1, the File menu is disabled. If this entry is set to 0, the menu is enabled. The default setting is 0 (enabled) if
no value is specified.
EditLevel= Controls the extent to which the user can modify read-write groups. (Shared, read-only
groups cannot be modified.) This entry may be set to one of the following values:
Value Meaning
0 Allows any modifications to the group. This is the default.
1 Prevents the user from creating, deleting, or renaming groups.
2 Prevents the user from creating, deleting, or renaming groups and from creating or deleting items in
a group.
3 Prevents the user from creating, deleting, or renaming groups; from creating or deleting items in a
group; and from changing command lines for items in a group.
4 Prevents the user from changing any property of an item in a group; from creating, deleting, or
renaming groups; from creating or deleting items in a group; and from changing command lines for items in
a group.
Setting NoRun to 1 and EditLevel to 3 prevents a user from using Program Manager to run any applications
that are not already in a program group.
Registration
If you use an unregistered Windows Multi-Lock you will notice that every time you accept a password on
the Password Dialog, a box appears indicating you are unregistered and it displays the password you
entered using the Setup Windows Multi-Lock Dialog. When you send in your registration, I will return you
a registration number that you will enter in the registration field of the registration dialog. This will register
the software and you will no longer get the annoying box that displays your password. This dialog can be
reached from the register menu on the Setup Windows Multi-Lock Dialog.
Windows Multi-Lock is Shareware. If you feel that this software will be useful to you please send $5 (US
dollars) for individual license or $30 for unlimited site license to the following address:
Stephen A. Jernigan
171 Dexter Cir
Madison, AL 35758
USA
If you are writing a check please make it out to: Stephen A Jernigan
If you have an email address, it would be quicker and easier for both of us if you would include it with your
check so I can email you your registration number. If you don't have email, then provide a return address
and I will mail it to you. Please send me the version number of the software also.
Please report any bugs, suggestions for improvement or new features you would like to see. I can be
reached through email at sajernig@ingr.com
NOTE:
This software may be freely distributed as long as the following files are all kept together and unmodified.
multiset.exe
multlock.exe
multlock.hlp
multlock.txt
readme.txt
No one except for Stephen A. Jernigan may charge a fee for this software except for various transfer fees
that some services require.
No warranty is expressed or implied for the use of this software.
Copyright (c) 1994 Stephen A. Jernigan