User Settings & Security
The following tweaks address user accounts and data security.
Become a Power User
Working logged onto Windows as a power user, rather than an administrator, can be safer when it comes to system security. To change your current administrator account into a power user account, go to Start > Run and type lusrmgr.msc. Click on “Groups” and double click on “Administrators”. Make sure there is an administrative user other than your user name that you can use for full administrative privileges.
Select the user account that is going to be a power user and hit “Remove” and OK. Double click “Power Users” on the side panel, click “Add”, and type the account’s name that you just removed from the Administrators group. Click OK, and OK again.
Power users do not always have to log out in order to perform tasks that only an administrative user can. Hold down the shift key and right click on a program’s *.exe file or shortcut. Click “Run As” and select “Run the program as the following user” or “The following user”. Enter the username and password of an administrator user account and hit OK.
Encrypt Files & Folders in XP Pro
null
This security feature only works on XP Pro with an NTFS file system. What it does is allow only the user that encrypted the folders/files to access them. Right click on a file/folder, and click “Properties”. On the “General” tab, click “Advanced”. Check the “Encrypt contents and secure data” box and click OK. Specify whether or not to encrypt the subfolders (it is recommended that you do). To undo the encryption, just uncheck the Encrypt box.
Get 2000 Security with XP Home
null
Although XP Home lacks some security features, you don’t have to be totally left out to dry. You have the ability to use the same security features available in Windows 2000, and explained in this sections under Set Folder Permissions in 2000.
First, boot up in safe mode (just hit F8 before getting to the Windows loading screen). You may now follow the instructions in Set Folder Permissions in 2000. Just like with 2000, you can only do this with NTFS drives. Reboot back into normal mode when you have completed setting the permissions. This is the easy way.
There is a way to handle permissions while in normal mode, but it’s a little tricky to handle. Start out by going to Start > Run and type cmd. At the command prompt, type cacls (calc brings up the calculator; you don’t want that). This gives you the ability to add, remove or modify file permissions on files and folders through the command prompt without having to reboot into safe mode. Type cacls /? for help on different options and variables.
Hide a Drive
If you don’t want other users stumbling over a drive while browsing the computer through Explorer, this tweak may help out. Although this tweak will render the drive invisible in Windows Explorer, it will still be accessible through Windows’ search utility, as well as other third-party file managing applications. Microsoft Office applications will also be able to access the cloaked drive with no problem.
To cloak a drive, open up regedit and go to HKEY_CURRENT_USER/Software/Microsoft/Windows/CurrentVersion/Policies/Explorer. Create/modify the DWORD value “NoDrives” to match a corresponding drive letter you wish to hide. A: 1; B: 2; C: 4; D: 8; E: 16; F: 32; G: 64; H: 128; I: 256; J: 512; etc. To hide multiple drives, just add the values together and enter the sum as the value for the DWORD value “NoDrives”. To hide all the drives, just enter the value 67108863.
Hiding a XP Computer from Network Neighborhood
null
If you want to share files from a XP computer, yet want to remove it from showing up in the Network Neighborhood, Run net config server /hidden:yes
Increase Folder Cache
null
The default setting for WindowsXP is to cache the folder settings for 400 folders. If you notice that your folders keep losing their settings, you may want to increase this number if you have a good number of folders.
In regedit, go to HKEY_CURRENT_USER/Software/Microsoft/Windows/ShellNoRoam and double click on BagMRU. Select “Decimal” and then change the number value to whatever size you want. 2000 seems to be a good place to start, for it should be more than enough for most users. For users with several multiple storage drives; that number should be increased by another thousand or two.
Make Folders Private in XP
You can make any folders private to all other users on the system by right clicking on the folder and going to the “Sharing” tab. Check the “Make this folder private” box and hit OK. Note that this only works on NTFS file systems.
Set Folder Permissions in 2000
null
There is a neat little feature in 2000, however only applicable on NTFS drives. On and partition/drive/folder, right click and click “Properties” and go to the “Security” tab.
The different users will be listed according to user groups. Administrators on top, Creator, Everyone, SYSTEM, Users, and customized groups are inserted according to closest user group. If you only want a specific user access to a certain folder, turn every body’s permissions off except for the user, administrator and SYSTEM. Depending on how much freedom you want to give the user, you can make the folder read-only by unchecking “Full Control”, “Modify, “Read & Execute” and “Write”. If the user wants to open something, they would have to copy and paste the file to an area where they had permission to open files a.k.a. “Read & Execute”.
So, here’s a rundown on what each entry does: “Full Control” grants total unrestricted access; “Modify” allows users to change files (i.e., edit and save Word documents); “Read & Execute” allows the user to run *.exe files and open files; “List Folder Contents” allows the user to view anything in that folder; “Read” allows the user to see files, but not open or modify them; “Write” allows users to save new files, but not change any existing ones. Note that any change made to a folder will also change all the subfolder permissions. Anything left unchecked in the main folder can be checked in the subfolders, but anything left checked in the main folder cannot be unchecked in the subfolders. Folder hierarchies need to be kept in mind when changing these permissions.
Overall, it’s fairly simple to work with. You just need to keep track of where you are within the file structure.
AdamTheTech.com and respective content is Copyright 2003-2024.
