Making Windows Admin Account Secure

2smoothbooth · 2 Nov 2010 at 22:12

I'll give you the backstory first so that you can fully appreciate my predicament. My brother and I use the same computer but he literally uses it every spare minute of his life (even though the pc is mine). I thought I would be clever and set up an admin account for me (password protected) and a limited access account for him. I also made use of the Parental Controls to only allow him access at certain times of the day.
I returned home the next day and surprise, surprise he managed to change my Admin Account password to 'youareatwat'...which he kindly told me after but made me feel a little foolish. Questioned him about it and he said he managed it through a registry hack although he didn't go into detail.
Is there any way I could make this process more secure like adding an additional layer of security such as truecrypt or bitlocker to prevent him from changing the registry? Any suggestions would be appreciated as I feel a bit defeated at the moment.

Thanks

2smoothbooth · 2 Nov 2010 at 22:35

haha I am getting to the point of saying gtfo. If I password protected the bios could he still press f8 to access the boot menu or will it prompt him? I want to deduce what method he used.

2smoothbooth · 2 Nov 2010 at 22:46

@tntcoder
Its not really an issue we have shared most things all our lives, I just wanted to teach him some manners. I won't lose sleep over it but I would like some control over my pc

2smoothbooth · 2 Nov 2010 at 22:59

I wondered because you can press 'del' to go to bios and 'f8' to go to boot menu so wasn't sure if he could get to it without being prompted for a password (i'm not home at the mo to try it). I found a flash drive near the pc so that could be the culprit, he usually keeps that in his room...suspicious lol

2smoothbooth · 3 Nov 2010 at 07:14

Sounds like the best way to stop him is to get physical lol. What about this suggestion that I found on a quick google search "Something else you can do is look into TCTemp and TCGina, which work with TrueCrypt to encrypt the temp and user profiles. I'm not sure if its been updated for TC6, but it works with TC5."
Anyone ever tried that?

2smoothbooth · 3 Nov 2010 at 19:31

haha Macky. The ironic thing is I work in IT support :rolleyes:

but making a 'Home' pc secure when you still want to give someone certain access is difficult. Sure, it's easier to give him no access at all but I don't want to be too much of a dick.

Also, I found out he used a bootable cd to change the password and putting a password on the bios does not have any effect on the quick boot menu. He could still boot from cd...

2smoothbooth · 3 Nov 2010 at 19:44

Yes the boot order is always to boot from hard drive and all other options disabled. Trouble is, he can still access the boot menu by pressing F12 so he can boot from whichever source he likes without having to change any setting within the bios.

2smoothbooth · 4 Nov 2010 at 18:54

Thanks for the help guys. I'll try passwording the bios and disabling the dvd drive (not that I use it much anyway). Big kisses x