Windows Legacy OS forum

Question

One-time password solutions?

by Michael45512 / August 18, 2012 5:57 AM PDT

Hello,

Does anyone know any software that implements one-time password options? Here is my situation:

Some guest computers access resources on the file/print server (runs Windows XP). In order to access the resources on the network, they must enter the guest account and password. Because only I know it, I enter it for them.

The risk is that when I enter the password, the guest computer could have malicious software that stores the password for later use. By having the password change every time they log off, it would be difficult to gain unauthorized access.

How do I apply OTP to this situation? Thank you.

Discussion is locked
You are posting a reply to: One-time password solutions?
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: One-time password solutions?
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.

All Answers

Collapse -
Answer
Is This A Daily Occurance?
by Grif Thomas Forum moderator / August 19, 2012 9:07 AM PDT

The problem with allowing server access to outside computers is it creates a big security problem.. With critical data, most organizations don't allow such. In the government agency that I worked for, only individuals with network user credentials had the option to access the network and any file/print computers, and they could ONLY use our own networked computers. In addition, we identified SPECIFIC printers or folders which were required for each user and set up sharing so only that SPECIFIC user could access the desired printer or folder. They couldn't simply roam around at will on the server.

Unfortunately, you don't mention how often this occurs...with how many different users.... whether these are stationary or mobile computers, etc. It all makes a difference. And unfortunately, if you install a program that updates a password each time a guest logs off, it because almost impossible for the network admin (YOU) to keep track of any password changes. If the access is only occasional, and you have admin rights, you could change the password immediately after each use by an outside guest. It's also important to make sure the guest computers only have "read" access and not "read/write" when setting up sharing.. If the require "read/write", then you better make sure the guests are well documented and accounted for.

Hope this helps.

Grif

Collapse -
I'll clarify.
by Michael45512 / August 19, 2012 11:18 AM PDT

The majority of the computers are mobile. Usually the guest requests access at least once every day. In order to access the printer, they have to connect to the file/print server. They have to log on to an account labeled "guest-print". Once logged on, they are given access to the printer only. The only permission that is allowed is "print".

Collapse -
If They Can Only Print, Is There Really An Issue?
by Grif Thomas Forum moderator / August 20, 2012 3:56 AM PDT
In reply to: I'll clarify.

If you've locked things down so only printing is allowed, then is there a real problem, even if the password is known and remembered?

I've not used such a password program because all our networks are extremely secure and don't allow access to outside users.... but since you allow guests to access your printers, is there really a security issue other than these same guests might be able to print any time they want?

Hope this helps.

Grif

Collapse -
There is an issue.
by Michael45512 / August 20, 2012 4:28 AM PDT

If the guests print at will, they will use countless amounts of paper and ink, and it will drive costs up. That's why I'm looking for one-time password software.

Collapse -
Printing quotas?
by Steven Haninger / August 20, 2012 8:37 PM PDT
In reply to: There is an issue.

I believe that is possible.

Collapse -
Let's stick to the point.
by Michael45512 / August 21, 2012 3:30 AM PDT
In reply to: Printing quotas?

All I am looking for is one-time password software, so when the client computer logs off the server with the guest account, the password will change.

Collapse -
When people try ...
by Edward ODaniel / August 21, 2012 1:59 PM PDT
Collapse -
(NT) My apologies...I'll bow out
by Steven Haninger / August 21, 2012 8:21 PM PDT
Collapse -
I didn't intend to be rude and abrupt.
by Michael45512 / August 22, 2012 2:41 AM PDT

I may have said it in the wrong way.

Collapse -
Answer
While I've not felt the need to do this, I know you can
by Steven Haninger / August 19, 2012 7:39 PM PDT

set passwords to expire after some period of time but I'm not certain what the shortest increment would be. Have you checked into that? It would be found in group policy under password expiration.

Collapse -
I've heard of that...
by Michael45512 / August 19, 2012 11:49 PM PDT

...but that means I have to set a manual password every time. I'm looking for software that automatically changes the password every time a guest logs off.

Collapse -
Re: password
by Kees_B Forum moderator / August 21, 2012 8:35 PM PDT
In reply to: I've heard of that...

If that software resets the password, how would you know what it had become? That would be necessary for you to type it in for the next user.

Why not write a batchfile or so to change it? See http://www.petri.co.il/change_user_password_from_the_command_prompt.htm
Then make a 'log-off' link at the desktop that first calls that batch file, then logs off.

Somewhat more advanced: write a program that makes that batchfile with some smart algorithm (such as incrementing it each time) and run that in the logoff-batch.

Kees

Collapse -
I've started with a batch script.
by Michael45512 / August 25, 2012 12:07 AM PDT
In reply to: Re: password

Now, I need to find a way to copy portions of the command-line to a secure location. Here is the code:

@echo off
net user "guest-print" /random

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

CNET FORUMS TOP DISCUSSION

Help, my PC with Windows 10 won't shut down properly

Since upgrading to Windows 10 my computer won't shut down properly. I use the menu button shutdown and the screen goes blank, but the system does not fully shut down. The only way to get it to shut down is to hold the physical power button down till it shuts down. Any suggestions?