Home > Microsoft, Security > CTRL+ALT+DEL is not just for rebooting

CTRL+ALT+DEL is not just for rebooting

While speaking with a colleague earlier this week the question of logon security came up. Specifically it was asked if the classic CTRL+ALT+DEL (control, alt, delete) was still necessary.  Beyond that he was more interested in why it should or shouldn’t be used during the logon process.

The simple answer to his questions was “Yes, keep using CTRL+ALT+DEL” for domain logons. When a user presses CTRL+ALT+DEL windows will invoke the Graphical Identification and Authentication (GINA) module.  Most administrators never deal with GINA directly, however if you implement security devices as I have it may be necessary to customize GINA.

GINA takes the users credentials and passes them securely on to their destination. The CTRL+ALT+DEL will assure a user they are actually at the proper logon screen. The operating system typically does not allow editing of the CTRL+ALT+DEL key combination. If a hacker or other unwanted software package was ‘pretending’ to be the logon page then usernames and passwords could be stolen. The false security program will be found when the user hits CTRL+ALT+DEL and the Task Manager or Security Center come up (depending upon the version of windows).

Some administrators will say CTRL+ALT+DEL is nothing but a legacy left over from days when it was required to do a ‘soft reboot’ or end a hung process. This is true, but no longer the whole story. The origins of CTRL+ALT+DEL do in fact go back to this need. However from a security standpoint CTRL+ALT+DEL is important to insure GINA is not imitated.

Categories: Microsoft, Security
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: