Windows Legacy OS forum

Question

One-time password solutions?

Hello,

Does anyone know any software that implements one-time password options? Here is my situation:

Some guest computers access resources on the file/print server (runs Windows XP). In order to access the resources on the network, they must enter the guest account and password. Because only I know it, I enter it for them.

The risk is that when I enter the password, the guest computer could have malicious software that stores the password for later use. By having the password change every time they log off, it would be difficult to gain unauthorized access.

How do I apply OTP to this situation? Thank you.

Discussion is locked
You are posting a reply to: One-time password solutions?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: One-time password solutions?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

All Answers

Collapse -
Answer
Is This A Daily Occurance?

In reply to: One-time password solutions?

The problem with allowing server access to outside computers is it creates a big security problem.. With critical data, most organizations don't allow such. In the government agency that I worked for, only individuals with network user credentials had the option to access the network and any file/print computers, and they could ONLY use our own networked computers. In addition, we identified SPECIFIC printers or folders which were required for each user and set up sharing so only that SPECIFIC user could access the desired printer or folder. They couldn't simply roam around at will on the server.

Unfortunately, you don't mention how often this occurs...with how many different users.... whether these are stationary or mobile computers, etc. It all makes a difference. And unfortunately, if you install a program that updates a password each time a guest logs off, it because almost impossible for the network admin (YOU) to keep track of any password changes. If the access is only occasional, and you have admin rights, you could change the password immediately after each use by an outside guest. It's also important to make sure the guest computers only have "read" access and not "read/write" when setting up sharing.. If the require "read/write", then you better make sure the guests are well documented and accounted for.

Hope this helps.

Grif

Collapse -
I'll clarify.

In reply to: Is This A Daily Occurance?

The majority of the computers are mobile. Usually the guest requests access at least once every day. In order to access the printer, they have to connect to the file/print server. They have to log on to an account labeled "guest-print". Once logged on, they are given access to the printer only. The only permission that is allowed is "print".

Collapse -
If They Can Only Print, Is There Really An Issue?

In reply to: I'll clarify.

If you've locked things down so only printing is allowed, then is there a real problem, even if the password is known and remembered?

I've not used such a password program because all our networks are extremely secure and don't allow access to outside users.... but since you allow guests to access your printers, is there really a security issue other than these same guests might be able to print any time they want?

Hope this helps.

Grif

Collapse -
There is an issue.

In reply to: If They Can Only Print, Is There Really An Issue?

If the guests print at will, they will use countless amounts of paper and ink, and it will drive costs up. That's why I'm looking for one-time password software.

Collapse -
Printing quotas?

In reply to: There is an issue.

I believe that is possible.

Collapse -
Let's stick to the point.

In reply to: Printing quotas?

All I am looking for is one-time password software, so when the client computer logs off the server with the guest account, the password will change.

Collapse -
When people try ...

In reply to: Let's stick to the point.

Collapse -
(NT) My apologies...I'll bow out

In reply to: Let's stick to the point.

Collapse -
I didn't intend to be rude and abrupt.

In reply to: My apologies...I'll bow out

I may have said it in the wrong way.

Collapse -
Answer
While I've not felt the need to do this, I know you can

In reply to: One-time password solutions?

set passwords to expire after some period of time but I'm not certain what the shortest increment would be. Have you checked into that? It would be found in group policy under password expiration.

Collapse -
I've heard of that...

In reply to: While I've not felt the need to do this, I know you can

...but that means I have to set a manual password every time. I'm looking for software that automatically changes the password every time a guest logs off.

Collapse -
Re: password

In reply to: I've heard of that...

If that software resets the password, how would you know what it had become? That would be necessary for you to type it in for the next user.

Why not write a batchfile or so to change it? See http://www.petri.co.il/change_user_password_from_the_command_prompt.htm
Then make a 'log-off' link at the desktop that first calls that batch file, then logs off.

Somewhat more advanced: write a program that makes that batchfile with some smart algorithm (such as incrementing it each time) and run that in the logoff-batch.

Kees

Collapse -
I've started with a batch script.

In reply to: Re: password

Now, I need to find a way to copy portions of the command-line to a secure location. Here is the code:

@echo off
net user "guest-print" /random

Popular Forums

icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

SMART HOME

This one tip will help you sleep better tonight

A few seconds are all you need to get a better night's rest.