Think about this for a second. What would happen if your main business computer and its backups were stolen and how much damage would it do to your business? Your emails, documents, customer and account database are all gone. It would be devastating to just about any business. In this article, we’ll show you how to secure your own business.

Operating Out of Home
Most self employed computer technicians start their businesses out of a home office as it is a great way to save money while you build up your client base. However, it does has its risks.

For example, if you have a lot of stock in your home office at any given time it leaves you very vulnerable to theft and so you may not want to bring too much attention to the fact that you build computers in your house. A dead giveaway are all those hardware boxes for the latest and greatest parts visible in your trash. I usually flatten these boxes and put them out in a non-transparent trash bag.

Another danger of operating out of a home office are the potential of bad clients. It doesn’t matter how good and honest your operation is, you will eventually come across a client who will be very dissatisfied with you and so you may not want this person to know where you and your family sleep at night for obvious reasons. There are a lot of crazy people out there.
You also may want to consider getting a PO Box, they are very cheap (about $55 USD) and provide great peace of mind. They are also handy if you tend to move around alot.

However, you are a business and people need to be able to find you. It comes down to what sort of technician you are. When I was first starting out I worked onsite 95% of the time and only allowed drop off for people I had dealt with before. However, other technicians would happily put up a sign out front of their place so clients can find them easier. I guess it comes down to what sort of neighbourhood you live in.

Operating Out of a Store Front
Theft is obviously a big issue for store owners. During your operating hours you constantly have the threat of shoplifters so your valuable stock (like laptops) should be locked down and away from the door. I know of a few computer stores who had laptops positioned near the door and a shoplifter reached in, grabbed the laptop and left.

Ive also seen photos of a more daring robbery that occurred at one of my suppliers. The thief came into the store during normal business hours but no one was at the reception desk. He walked around the back of the service counter, unplugged one of the businesses computers on the desk (not sell-able stock, the actual businesses machines) and walked off with it. That store now keeps their computers under the front desk so they aren’t as easily unplugged. This event was recorded by many of their above average cameras but the thief didn’t seem to care.

For your stock, I recommend that you buy some cable locks for your computers and/or lock the laptops down with either a Kensington lock or put them in a clear, locked cabinet.

During your businesses closed times you are also vulnerable to a good old fashioned night time break in. To protect against this make sure you have good locks not only at your front door, but also on any doors that you have inside the store, a “call to base” security system and your valuable stock locked down in some way. You should also avoid using cheap laptop locks with thin cables to lock down laptops, bolt cutters can cut through these like a hot knife through butter.

A new trend in robbery is the “Ram Raid”. A Ram Raid is the process of stealing a car, driving it through the front of your shop and taking everything they can. You may want to consider putting up security bollards out the front of your store to prevent this. Security bollards not only protect your business from ram raids, but also stop drivers coming through the front of your store when they accidentally put their car in drive instead of reverse when backing out of their parking spot.

Another danger to a computer shop are Invoice Scams. Invoice scams are when scammers send you a fake invoice from a fake company that appears to be in your field or appears to be from a real company that you deal with. The invoice will be charging for something generic like “computer parts” or something else non descriptive. These invoice scams work because if you have a secretary/accountant who comes in once a week to do your bookwork, they generally don’t second guess the invoice and just pay.
I have a few clients who have been fooled by similar scams and now have systems in place where the boss has to approve all invoices sent to the business before anything can be done with them. You might want to set up a similar system.

Backups
Last but not least, always have a backup. There are some great freeware backup solutions out there like Cobian Backup. If you pair this up with an external hard drive, it makes a great backup solution.

Technicians working out of a home office should lock down their backup drives with a Kensington lock (most have a slot) and store owners should take the backup drive offsite every night to help protect from fire and theft. Every few weeks, do a test of the backed up files because no fun having a hard drive fail only to find out that your backups haven’t been working correctly.

© Technibble - A Resource for Computer Technicians to start or improve their computer business
To get started with your own computer business, check out our Computer Business Kit. If you want to learn how to repair laptops, check out these narrated, high definition videos. These would pay for themselves in 1 repair job.

Secure Your Business

How to Bypass or Remove a BIOS Password by Removing the CMOS Battery:
The simplest way to remove a BIOS password is to simply remove the CMOS battery. A computer will remember its settings and keep the time even when it is turned off and unplugged because these parts are powered by small battery inside the computer called a CMOS battery. If we pull out this battery, the computer will forget alot of its hardware settings, including its BIOS password. This should not be performed on Laptops if you are not experienced working with laptop hardware.

Anyway, open up the computer case using a screw driver and locate the flat, circular and metallic CMOS battery. It should look something like the picture to the right. Some computers have this part standing upright.

Once you have located it, observe how the latches are holding it. There are many different ways to remove a CMOS battery but the most common way on newer computers can be seen in the picture below.

Make sure to power down the computer, unplug the power cables and unplug any USB devices if they are powered. The computer must not be able to get power from anywhere for this to work. Take out the CMOS battery and wait 10 – 25 minutes before putting it back in. The reason for this wait is because the computer can still store power in its capacitors even though everything is unplugged. The waiting period allows enough time for them to discharge.

Plug everything back in, power up the computer and enter the BIOS again. If everything went well there should be no more password. In some cases, if you get weird error messages during bootup now, you will need to goto “Load BIOS Defaults” in BIOS and save the changes to fix them.

If this method didn’t work, try one of the methods below.

How to Bypass or Remove a BIOS Password using Software:
!BIOS is a freeware utility which is designed to be a whole BIOS and security suite. It has the ability to decrypt the passwords used in some of the most common BIOS makes such as Award, Phoenix, American Megatrends, IMB etc..
It also has the ability to brute force the password (known as “blasters”). However, this method is dangerous and can result in some unexpected and unwanted results.

Note: Because of this applications password cracking abilities, some antivirus software may report it as a virus/trojan. This is a false positive.

To start using !BIOS, reboot your computer and take note of the BIOS type and version you are running. For example, If your motherboard uses Award BIOS you should look for the text “Award Medallion BIOS 6.0″ or something similar.

Download !BIOS from here and save it to your desktop. Then, open a DOS command windows by going to Start > Run and type: cmd

Once you see a black screen in front of you, type: cd desktop
You should now see something like: C:\Documents and Settings\YourUserName\Desktop>

Now type the name of the file you just downloaded, if you haven’t changed the name just type in: bios320.exe

Use the down arrow and choose “Crackers” and then press the right arrow. Using the up and down arrows, select the BIOS that the motherboard is using and press Enter.

You should now see a menu asking what you want to crack, in most cases its the Supervisor or System Passwords you want to crack, so press the 1 key on your keyboard. It will then show you another menu asking how you want it to be cracked. Option 1 is pretty good so try that first by pressing the 1 key on your keyboard. You should now have your BIOS password.

Reboot the computer, enter the BIOS and try it out.

How to Bypass or Remove a BIOS Password using the manufacturer backdoor password:

On many computers (especially old ones), computer manufacturers build in backdoor passwords for their own technicians to use so they can access the BIOS when the hardware is being serviced. Here are some of the ones that have been reported. You may need to try quite a few passwords before you find one that works

These passwords are CaSe SeNsItIve.

AMI BIOS Backdoor Passwords:

• A.M.I.
• AAAMMMII
• AMI
• AMI?SW
• AMI_SW
• BIOS
• CONDO
• HEWITT RAND
• LKWPETER
• MI
• Oder
• PASSWORD

Award BIOS Backdoor Passwords:

• (eight spaces)
• 01322222
• 589589
• 589721
• 595595
• 598598
• ALFAROME
• ALLY
• ALLy
• aLLY
• aLLy
• aPAf
• award
• AWARD PW
• AWARD SW
• AWARD?SW
• AWARD_PW
• AWARD_SW
• AWKWARD
• awkward
• IOSTAR
• CONCAT
• CONDO
• Condo
• condo
• d8on
• djonet
• HLT
• J256
• J262
• j262
• j322
• j332
• J64
• KDD
• LKWPETER
• Lkwpeter
• PINT
• pint
• SER
• SKY_FOXSYXZ
• SKY_FOX
• syxz
• SYXZ
• TTPTHA
• ZAAAADA
• ZAAADA
• ZBAAACA
• ZJAAADC

Russian Award BIOS Passwords:

• %øåñòü ïpîáåëîâ%
• %äåâÿòü ïpîáåëîâ%

Phoenix Backdoor BIOS Passwords:

• BIOS
• CMOS
• phoenix
• PHOENIX

Other Manufcaturers Backdoor Passwords: (manufacturer name – password)

• VOBIS and IBM – merlin
• Dell – Dell
• Biostar – Biostar
• Compaq – Compaq
• Enox – xo11nE
• Epox – central
• Freetech – Posterie
• IWill – iwill
• Jetway – spooml
• Packard Bell – bell9
• QDI – QDI
• Siemens – SKY_FOX
• SOYO – SY_MB
• TMC – BIGO
• Toshiba – Toshiba

© Technibble - A Resource for Computer Technicians to start or improve their computer business
To get started with your own computer business, check out our Computer Business Kit. If you want to learn how to repair laptops, check out these narrated, high definition videos. These would pay for themselves in 1 repair job.

How to Bypass or Remove a BIOS Password

How to Gain Access to a Windows User Account using Safe Mode:
The easiest way to gain access to a Windows based machine is to go into Safe mode. To get into Safe mode do the following steps:
While the computer is powering up, before the Windows logo screen, keep pressing F8 and you will be presented with some choices on how you want to boot. Choose Safe Mode.

Goto Start > Run and type: control userpasswords2

This will bring up a User Accounts screen. Select the user account you want access to and press the “Reset Password” button.

If the above didnt work for you. Try this step again but instead untick “Users must enter a user name and password to use this computer” and click Apply.

The system will then ask you what username you want the system to logon as by default, you can just leave the password blank or put something in if you want.

How to Gain Access to a Windows User Account using Ophcrack:
Ophcrack is a open source live CD that you can boot from and provides a linux based interface. If all goes well, there should be no need for user intervention and it will display the original password in a few minutes time.

You can download the Ophcrack LiveCD ISO from this link. Just burn the ISO to a CD and get into the BIOS of tthe computer you want to break into. Set it to boot from the CD-Rom first during startup, save your settings and restart the computer. The LiveCD should run automatically.

If things didnt go well, check out the Ophcrack FAQ to find a solution.

How to Gain Access to a Windows User Account using EBCD – Emergency Boot CD
This application will allow you to change or blank the password of almost any user on Windows NT/2K/XP without knowing the original password.

http://www.prime-expert.com/ebcd/ebcd-0.6.1-pro-sfx.exe

Once you have downloaded the above executable, run it and it will begin to download the files you need. Extract those files to a location you’ll remember and run the “makeebcd.exe” file in that folder. This will generate a ISO file for you.

Burn the ISO file to a CD and boot the system with it in the CD Drive.
You should now see the Emergency Boot CD main menu and will want to launch “NT Password Editor (Linux-based)” so press 5 and then Enter.

For the next two steps will mention SCSI drivers. In most cases you can just hit Enter to continue. (Enter Twice)

You should now see “Partitions Found on the disk(s)” and ask you what partition contains your NT Installation. In most cases, its /dev/hda1 and you can just press enter. If its not, you’ll need to specify which hard drive your installation is on.

The next question is “What is the full path to the registry directory?”. By default, “windows/system32/config” is chosen and you can just press enter. If your Windows XP install is not in this location (for example, your Windows folder is named XP), you’ll need to type XP/system32/config

The application will now ask “Which hives (files) do you want to edit?”. You will want to run “sam system security” which is selected by default. So just press Enter

You should now see a menu asking you what you want to do. Choose “1 – Edit user data and passwords” by typing 1 and press Enter.

It will ask you which username you want to change the password for. Type in the username you want to change the password to and press Enter

When I did this, I got the error “Account is probably locked out!” which you may or may not get when you do this. If you do get this error, just press N and then Enter

The system will now tell you to please enter the new password. Once you have done that, just reboot and you should be able to login with the new password.

If you want to learn how to secure a computer from break ins like this, check out our How to Properly Secure a PC article.

© Technibble - A Resource for Computer Technicians to start or improve their computer business
To get started with your own computer business, check out our Computer Business Kit. If you want to learn how to repair laptops, check out these narrated, high definition videos. These would pay for themselves in 1 repair job.

How to Gain Access to a Windows User Account

There are hundreds of thousands of viruses out there (if not millions) and they often designed for different objectives. Most of them fall under the following categories:

• To take control of a computer and use it for specific tasks
• To generate money
• To steal sensitive information (credit card numbers, passwords, personal details, data etc.)
• To prove a point, to prove it can be done, to prove ones skill or for revenge purposes
• To cripple a computer or network

To Take Control of a Computer and Use It for Specific Tasks

This is the most common type of virus, which is better classified as a trojan. These types of viruses are usually downloaded unknowingly by the computer user thinking that the file is something else, such as a file sent from a instant messenger friend or email attachment.

Once the host computer has been infected (known as a zombie computer), the trojan joins a private chat channel and awaits orders from its “Zombie Master”. This Zombie Master who is often the virus creator, will gather thousands of infected machines called a botnet and use them to mount attacks on web servers. The Zombie Master can command each of these infected computers will send a tiny bit of information to a web server – because there are potentially thousands of computers doing this at once, it often overloads the server.

The Zombie Master may want to do this to another website because it is a rival website, a figurehead website (such as whitehouse.gov) or it may be part of an extortion plan. “Send me $5000 or your Toy selling website will be offline over the Christmas holidays”.

The Zombie Master can also use these infected computers to send spam while the zombie master remains anonymous and the blame goes to the infected computers.

To Generate Money
These types of infections often masquerade as free spyware or virus removal tools (known as rogueware). Once ran, these fake applications will “scan” your computer and say it found has someviruses (even if there arent any) and in order to remove them, you must pay for the full version of the application. A good example of such a infection is called Myzor.fk which we have written about in the past.

Steal sensitive information
These types of viruses can sniff the traffic going in or out of a computer for interesting information such as passwords or credit card numbers and send it back to the virus creator. These types of viruses often use keylogging as a method of stealing information where it maintains a record of everything that is typed into the computer such as emails, passwords, home banking data, instant messenger chats etc..
The above mentioned methods also allows an attacker to gather an incredible amount of data about a person which can be used for identity theft purposes.

To Prove a Point, To Prove it Can Be Done, To Prove Ones Skill or For Revenge Purposes
A perfect example of this type of virus was the famous MS.Blaster virus (aka Lovesan) which infected hundreds of thousands of computers back in August 2003.

This virus would cause the system to restart after 60 seconds and had two hidden messages written in its code:
One was “I just want to say LOVE YOU SAN!!” which is why the virus is sometimes called Lovesan, and the other message was “billy gates why do you make this possible ? Stop making money and fix your software!!”
It is believed that purpose of this virus was to prove how easily exploitable a Windows system is.

To Cripple a Computer or Network
Few viruses now days are intended to disable a computer because it stops viruses ability to spread to other computers. Computer crippling viruses still exist, but nowhere near as common as the viruses mentioned above. The worst type of computer crippling viruses were back in the days of the 486 computers where the virus would overwrite the Master Boot Record (MBR) of the computer which would often prevent the computer from starting up at all.

Unlike computer crippling viruses, network crippling viruses are all too common now days. Most viruses that are designed to launch a Denial of Service attack will cause a significant load on a computer network, often bringing it down completely.

© Technibble - A Resource for Computer Technicians to start or improve their computer business
To get started with your own computer business, check out our Computer Business Kit. If you want to learn how to repair laptops, check out these narrated, high definition videos. These would pay for themselves in 1 repair job.

Why do People Create Computer Viruses?

What Eicar Will Do
Eicar will test real-time/resident scanners to make sure they are activated and working properly. It will also partially test how good the real-time/resident scanner is. For example, McAfee antiviruses real-time scanner wont even let you save the test file. AVG Antivirus wont pick it up until its opened or scanned.

Ok, Lets Make a Test File

Copy and Paste the following line into a text file:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

Now, save it with the file name eicar.com. Thats pretty much all you need to do to create a basic Eicar test file. However, we have provided some samples to test antivirus applications in a little more depth. You may need to deactivate your antivirus software to download these:

• eicar.com - Basic test file (right click, save as)
• eicar.com.txt - Some people may have trouble downloading the above file. Rename this one to just eicar.com (right click, save as)
• eicar_com.zip - Tests whether the antivirus software scans within zip files.
• eicarcom2.zip - Tests whether the antivirus software will scan a zip file within zip file.

If you plan to carry the test file around on your USB memory stick with your computer repair tools, be sure to put eicar in a passworded archive. Otherwise, some clients antivirus software will detect and delete it off your USB drive. If its passworded, the antivirus cant see into the archive and therefor doesn't get deleted. Another option is to put it on a read only device such as a CD.

[warning]For some antivirus software, once the antivirus discovers the eicar test it may disallow access to the file because it quarantines it. Instructions for unlocking the file are antivirus brand specific, so you'll have to contact the vendor for steps of how to unlock it. However, in most cases if you just clear the quarantine area of your antivirus software, that usually fixes it.[/warning]

© Technibble - A Resource for Computer Technicians to start or improve their computer business
To get started with your own computer business, check out our Computer Business Kit. If you want to learn how to repair laptops, check out these narrated, high definition videos. These would pay for themselves in 1 repair job.

Test Antivirus Programs with the Eicar Test File

Recently, one of our Technibble forum members, Buzz; spotted a pattern in posts across a few forums he visited and reported it to us. It appears to be another method of spreading rogueware.

Buzz read this thread on our forums which has a user named “robart” posting the following:

I got this Trojan Virus from a ‘Noble Poker’ program I haven’t used in years. My Norton Anti-Virus and XsoftSpySE wont get rid of it. Is there anyone out there that can help me remove it before my computer crashes?

A few Technibble forum members (Buzz, Mac, Blues and Myself) suggest some legitimate ways to get rid of it and then someone called “marina_meggy” posts the following:

I recommend you to download the free program called Spyware sweeper from –URL Removed– This is one of the very few tested anti-spy ware programs that can help you to remove the Trojan successfully. You would find detailed instructions at the site

What makes this interesting is that Spyware Sweeper (not to be confused with the legitimate application Spy Sweeper) is a known Rogueware program that masquerades as a spyware removal program which asks for money to remove the fake infection.

This same group have been doing the exact same thing on other forums where one of them creates a post saying that they have an infection, and the other replies recommending SpywareSweeper as if they were a helpful forum member.

If you look at the original post on Technibbles forums located HERE. And then look at the post on VirtualDr.com’s forums located HERE. You can see that the posts are almost exactly identical.

After doing a Google Search, I can find many other forums with the exact same post.

Technical forums are still an excellent way to get some computer help, just look at who’s giving the advice on the forum. If the person just signed up and has a post count of 1, it might be worth double checking what they say.

© Technibble - A Resource for Computer Technicians to start or improve their computer business
To get started with your own computer business, check out our Computer Business Kit. If you want to learn how to repair laptops, check out these narrated, high definition videos. These would pay for themselves in 1 repair job.

Rogueware Being Spread Via Forums

Using keyloggers in this environment introduces more security risks than it prevents. Granted, you could check that your employees are not e-mailing confidential data to a rival company, but in the end, the data collected from keyloggers is confidential, and may well contain corporate secrets, passwords, and other confidential or sensitive information.

With yet another data source to protect, the security task becomes that bit more difficult. There’s one more set of data to secure, to back up, to lock away in the tape safe. There are far more effective ways of monitoring data leakage, may of which can be preventative as well as simply alerting after the fact. Egress filters on firewalls and e-mail servers will help to protect corporate data much better than simply logging the sending process and dealing with it later. At that point, the data is out of the network, there is nothing that can be done. With egress filters, the traffic can be blocked before it leaves the network.

There is, however, another concern with keyloggers in business. Unauthorised key logging by outsiders, or by rogue staff. Here, a software or hardware keylogger could be planted on a system, passwords collected, and then the keylogger removed lately.

This is often easier than it sounds. Many businesses have a reception area, where the staff have access to the internal network. It is easy for a visitor to attach a hardware keylogger to such a system whilst the receptionist is answering the phone, or trying to find paperwork pertaining to their visit.

Furthermore, many businesses have openplan work areas, most of which are relatively easily accessible to the public. Again, attaching a keylogger goes mostly unnoticed.

To prevent this kind of attack, the access to the back of the computer should be restricted. Putting the systems into locked boxes, or locking them in a cupboard under the desk, with access only to the power switch and the CD / floppy drives, as well as perhaps USB for flash drives (but beware of data entering or leaving the building on flash drives) prevents someone installing a hardware keylogger without cutting the keyboard cable and splicing it in. This would take significantly longer, and be much more noticeable, than simply attaching a PS/2 keylogger to the back of the computer.

This solution does not prevent software keyloggers being installed. In some cases, this is difficult to prevent; the users may need administrative access to the computer. In most cases, however, it is possible to limit the access permissions of a user, and to limit the software which can be run. These steps will effectively thwart most attempts to log keystrokes on systems.

© Technibble - A Resource for Computer Technicians to start or improve their computer business
To get started with your own computer business, check out our Computer Business Kit. If you want to learn how to repair laptops, check out these narrated, high definition videos. These would pay for themselves in 1 repair job.

The Ethics Of Key Loggers – Part Two

Clearly these devices have uses such as obtaining passwords, bank login details, credit card numbers, and so forth, but also they can be used to monitor activities on a computer. This is the kind of use I wish to discuss today.

Some people think that sticking a key logger onto a computer is warranted because they need to know what their kids are doing online, or what their staff are spending their time doing. Excuses such as these just don’t cut it. There is no legitimate reason for running such software.

I am not a parent, but I have seen enough discussions to know that parents are not, in general, happy about leaving their kids unattended on the Internet. Well, there’s a simple solution there, don’t leave them unattended. As they’re introduced to the online world, stay by them, help them explore and learn. Take an active role in your child’s development. Far too many people rely on computers and the Internet as the next step for the TV babysitter. Instead of actually being with their kids, they dump them in front of the TV, or the computer, and let them entertain themselves.

If you’re worried that your child is visiting sites you do not wish them to (and by this I don’t just mean pornographic sites, there are worse things out there!) then sit with them while they use the Internet, and gently steer them in the right direction.

Of course, there will come a time when they want their privacy, and fully deserve to receive that privacy. This is the time when you back away, and hope that you spent enough time with them to teach them right from wrong, and that they will take that knowledge with them as they go. Inevitably, though, you can’t stop them if they’re determined to find something. If you won’t let them, they’ll just go to their friends, whose parents are always out, and go look at it there instead.

Key loggers are not the answer here, nor are content filters. Spying on your kids, or locking them down, is not a good way to build a healthy trusting relationship, nor is it a good way to prepare them for the real world. Sure, sometimes they’ll stray from the track, but this is where you have to just put it to trust that your parenting skills were good enough, and that they’ll come back to the right side of the line. More often than not, restricting or spying on them just pushes them further; they try to find out how to disable the content filter because it won’t let them view a page on reproductive cycles that they need for their Biology assignment, and suddenly they stumble into the underground world of malicious hackers.

Furthermore, at a certain point in their lives, kids are entitled to privacy, just as you would expect for yourself. Certainly, conversations with their friends, by e-mail or instant messengers, may be confidential – and that may mean their friends are talking about their own personal issues, not that your child has some problem, but that they’re trying to help a friend. In such cases, key loggers just abuse trust and force kids into going to great length to hide their lives from their parents.

If you trust your children, they will grow to be well-adjusted individuals, who are capable of trusting others, but have a reasonable scepticism required to get them through life.

Similarly, in business, watched workers may go to extreme lengths to hide or encrypt the weeks joke e-mail because they think the powers that be are watching. Granted, sending a joke around by e-mail isn’t exactly a constructive use of their time, or the company systems, but they’re entitled to breaks, and a lot more time and resources would be wasted if all the employees started to encrypt the joke e-mails so that management couldn’t prove they existed.

In the end a balance has to be found. Where that balance lies depends on the individuals, and on the circumstances, but software or hardware key loggers should never enter into this balance.

On to Part 2 ….

© Technibble - A Resource for Computer Technicians to start or improve their computer business
To get started with your own computer business, check out our Computer Business Kit. If you want to learn how to repair laptops, check out these narrated, high definition videos. These would pay for themselves in 1 repair job.

The Ethics Of Key Loggers

But what about those of you struggling to remember the one or two passwords to log into the computer in the first place? You don’t want to have to remember 20 passwords, all for different websites.

Well, I’d like to advocate those programs which store all of your passwords, encrypted, and require a single password for access. Choose that password wisely. Don’t use any password you use elsewhere, make it as long and complex as you are able to remember, and make it hard to guess.

These programs differ from storing your passwords in, for example, Firefox because you must enter a password to access the password store in the first place. Once you’ve done this, you can easily obtain the login data for any website you visit, and if you’re leaving the computer for a while, lock the password store before you go. You don’t have to lock the entire workstation, or remember a screensaver password on top of all the others.

Software like this exists for a reason. While it may not be the ideal solution (which would be to remember the passwords yourself, or to set up systems which use other authentication mechanisms, such as public-key based SSH logins), it forms an interim response to weakened security due to “password manager” features in browsers, e-mail clients, instant messaging systems and so on.

© Technibble - A Resource for Computer Technicians to start or improve their computer business
To get started with your own computer business, check out our Computer Business Kit. If you want to learn how to repair laptops, check out these narrated, high definition videos. These would pay for themselves in 1 repair job.

Stored Password Security

Having a strong Windows logon password with both letters and numbers is simply not enough as files can be accessed as easily as putting a CD into the CD-Rom and turning the computer on, without ever needed to log onto Windows. There are many freely available Operating systems such as Knoppix (linux based) and UBCD (windows based) which can be run from the CD and make it easy to read your files without ever entering Windows.

What about encrypted files? Breaking into encrypted files can be done, but without the original password it is incredibly time consuming. A much quicker way to get into encrypted files is for someone to install something called a “Key Logger” onto the computer using one of these CD’s. A Key Logger is an application that records the buttons you press on the keyboard, including that password you type in to access your encrypted files.

A computer that could be considered “locked down” should have all of the following security measures in place:

Being Boot Proof
By making a computer boot proof, it helps prevent attacks from boot CD’s such as Knoppix or UBCD.

To make a computer boot proof, go into the computers BIOS by pressing F1 right when your computers screen first turns on when you power it up. For some computers, especially brand name ones, it may be F10, F12 or F2 instead of F1.

Once in the BIOS, look for a Boot Order/Options section and change the boot order to boot from hard drive only. If there is no hard drive only option, make sure harddrive is first (eg. HDD, FDD, CDRom). Now, look for a Security/Password section and set a “boot password”. Be sure to write it down in a place that you will be able to find it and other wont and remember that the password is case sensitive. If you forget this password you will have to open up your computer to remove it (which of course, we have the instructions for here).

If your computer case doesn’t have a physical lock on it for preventing people from opening it (most computers don’t) then it might be a good idea to put on a “Harddrive Password” which can also be applied in the Security/Password section of your BIOS. The reason for a harddrive password is even if you have a boot password, someone can remove the harddrive from the physically unlocked computer, place it in another computer and totally bypass the boot password on your computer because your computer was never turned on.

Keep in mind though, if you forget a harddrive then your harddrive and all the data on it may be rendered unusable after 3 wrong password guesses. Most computer technicians will not be able to remove a harddrive password.

Physical Security Options
As mentioned in the previous section, boot passwords can be bypassed by physically moving a jumper on a motherboard or by removing the battery that powers the bios. To prevent such a thing, having a lockable computer case is a good option as it will also help prevent the theft of computer parts such as the hard drive.

If you have a laptop and use it in semi public places such as libraries, airports & coffee shops then leaving it alone is definitely a bad idea. Investing in a good laptop cable lock deters walk-by thieves in public and semi-public places (however, not in private locations such as hotel rooms as bolt cutters will cut through these like butter). Most laptops, some desktop PCs and even some flat-screen monitors have cable lock slots, just make sure you secure it to something escape proof like a wall pipe or the middle of a bed frame. Wrapping it around a table leg just won’t do.

© Technibble - A Resource for Computer Technicians to start or improve their computer business
To get started with your own computer business, check out our Computer Business Kit. If you want to learn how to repair laptops, check out these narrated, high definition videos. These would pay for themselves in 1 repair job.

How to Properly Secure a PC