In previous versions of Windows, you had to press Ctrl + Alt + Delete to logon, or to unlock a locked workstation. This was because this key sequence was recognized only by the OS and thus other software couldn't intercept it and display a spoofed logon screen to capture passwords.
Starting with Windows 8, you now just have to press Enter to get to the logon screen.
What is to stop someone from writing a fake logon screen? Did Windows 8 add some sort of new security mechanism to mitigate this security issue?
Answer
I do not believe this was enforced by default in earlier windows versions either. There is a group policy setting you can use to enforce this.
Computer Configuration - Windows Settings - Security Settings - Local Policies - Security Options - Interactive Logon: Do not require CTRL+ALT+DELETE
disable that and you will be required to press ctrl+alt+delete.
same procedure for a domain gpo or standalone. I still turn this on in my home as a default security practice for the reasons you mentioned above.
No comments:
Post a Comment