None of my colleagues are manually impaired (pertaining to their hands), so it is just as easy for those who need to access my computer when I am not there to use both hands to access the Ctrl-Alt-Del unlock feature, be it to log in as a different user or to check my computer for connection issues when I work from home (which hardly ever happens in our stable, small business domain network). The solution needs to be picked based on the requirements and security concerns in each individual case.īeing the old-school type myself, I prefer using the Ctrl-Alt-Del unlock feature for my desktop computer at work, but not on my home computer laptop. There are hardly any yes/no answers (or " this solution is better than that other solution") in cases like the one in this ticket. So it totally depends on your/organization's requirement to enable this policy or to keep it disabled. At first, I had doubts about whether you had answered the question, but it turned out to be correct.įrom my perspective it looks like you could have highlighted the most important sentence (or parts of it), maybe something like this:
#Ctrl alt delete kupa windows 10#
Furthermore, almost all of the computers I have access to have been upgraded from Windows 8.1 or Windows 7 to Windows 10, so I also find it difficult to verify with certainty which of the GPO settings will achieve the expected result on a Surface Book computer with only Windows 10 Pro as their original and first OS, without any settings migrated from Windows 8.Īnd yes, even though I have a tendency to "ramble on" or seem to rant when I try to explain what I am thinking, I will be looking into the Reference section to see if I can find and simplify the text where it contains redundancies. Just to make it clear: I do not have access to any Surface Book computers, so I don't actually know if they respond differently to group policies compared to a random laptop or desktop computer using Windows 10 Pro. TL DR: I appreciate the pros and cons of this feature, depending on the scenario in question.
#Ctrl alt delete kupa software#
With all the other biometric options we now have access to, it is rapidly becoming a functionality of the past, except for those few isolated scenarios where the computer is either physically disconnected from the internet or isolated from networking with other computers, and still regarded as a security device (because of local data or software content). I also recognize and appreciate the situation where the client computer is used by one or more disabled persons, making it necessary to disable the feature for direct local interaction. One of my main incentives to regard the enforcement as outdated is the prevalence of remote control software giving you the option to send the Ctrl+Alt+Del key combination as a software package to the target client, triggering the login UI without using the physical keyboard. If you have time, perhaps you can suggest the updates? Thank you!įirst of all, thank you to all of you for commenting about this feature which appears to be more or less outdated. this doc has some redundant sentences (See the Reference section). Biometric sign-in, if it's a viable option for you. Please note that you can also consider Windows Hello e.g. Finally, with devices offering more keyboard-free logon experiences such as facial recognition, Ctrl+Alt+Del becomes an annoying interference. Third, if the adversary has gained administrative control of the computer, the “secure desktop” is no longer a protected space. Second, so many apps prompt the user for the same credentials on the user’s desktop that the credentials can easily be stolen there. First, it depends on a user that’s looking at a spoofed logon screen remembering that he or she hadn’t pressed Ctrl+Alt+Del before typing a password. This is not particularly strong protection. For others, organizations can continue enforcing settings, but we do not consider their enforcement to be necessary.Įnforcement of Ctrl+Alt+Del at logon to protect credentials from theft.
#Ctrl alt delete kupa update#
the 122 settings that went from a configured value to “Not Configured.” For many of these settings, such as Windows Update settings, specific configuration is best left to the organization. The result is that we have removed 122 settings that had been enforced. to remove settings that do not address contemporary threats, and to remove the enforcement of Windows default settings that require administrative control to change and that are unlikely to be changed by an authorized administrator. This information that came from a closed issue might help, tagging since he pointed it out. If you are pertaining to the above, the suggested best practice is updated. Thank you for the clarification is advisable to set Disable CTRL+ALT+DEL requirement for logon to Not configured.
0 kommentar(er)
