We have several PC's on our production shop floor that run a "captive" 
application (that is, when the production operator logs on to Windows 
the application automatically executes).  The operators are restricted 
from running any other applications via a utility from Boxware called 
Winlock that allows restrictions by Windows logon user id.  There are 
two logons: The operator and an Administrative user.  The operator 
logon is restricted to the shop floor application and the Minisoft 
termulator.  The administrative logon has full access to everything. 
This (Winlock) has seemed to work okay (that is, it keeps the 
operators from running games and changing the Windows environment) 
up until now.

On Saturday, there was some problem with some of the shop floor 
computers and one of the operators was "trouble-shooting" it.  I 
was not worried about this because I figured the operators can't 
really screw anything up since Winlock restricts them.  However, 
today when I went around and ran Scandisk and re-booted each 
PC, I found some of them had been "messed with" in a way that 
only the administrative logon can do.  I figured that one or more 
of the operators has "discovered" the administrative password, so 
I changed the password.

But now I am wondering:  How easy is it to get the Windows logon 
passwords?  Especially when you can't get access to the desktop 
or my computer or the control panel.  That is, did someone "crack" 
these systems by stealing the Windows logon passwords or did 
someone guess the password or see me entering it or some other 
means?

If Windows 95 can be made to give up the user logon passwords, 
then my security scheme is somewhat compromised.

Jim Phillips                            Manager of Information Systems
Voice: (330) 527-2124                   Therm-O-Link, Inc.
  Fax: (330) 527-2123                   PO Box 285; 10513 Freedom St.
Email: [log in to unmask]       Garrettsville, Ohio  44231