myLogin - 🛡️ Secure lock screen Windows 🖥️

[mlibre2]

myLogin 🛡️   

Hey guys, I've been working lately on a project developed directly from my GitHub repo. I'm optimizing it as much as possible, minimizing false positives. Feel free to try it out with complete confidence 🤖

 

Simple open-source program to lock the Windows Desktop screen with advanced options:

• Disables the desktop while the lock window is active
• Prevents normal system use
• Only unlocks with a password set by the administrator

Edited 14 hours ago by mlibre2
added tags and screenshot

[argumentum]

Func _getHash($sInput)
   $sHash = _Crypt_HashData($sInput, $CALG_SHA_512)
   $sInput = "" ; clear
   Return _Crypt_HashData($sHash, $CALG_MD5) ; 128-bit
EndFunc

Good 1st post, cool

So..., why hash the hash, with a grater possibility of collision hash ? The 512 is good as is. What's the idea behind it ? 

[mlibre2]

Thanks, yes, good observation, I'm aware of that, the purpose of why md5 is to make it shorter in case a parameter is used it tends to be very long if it wasn't.

[argumentum]

...then use crc32, is even shorter

I'd go with the 512. No one would ( haven't run the code, just looked at it in the browser ) brute force the login screen, quite unlikely.
There is no reason to have to type a hash. You enter the password and if that's not it, ..that is not it.

Anyway, if you press ctrl+alt+delete you can override the password, right ?

[mlibre2]

Ok, I'll keep that in mind, as for the key combination, I implemented a method that temporarily suspends the explorer without killing it, preventing you from opening the start menu, running commands from the task manager.

[WildByDesign]

I got a chance to test myLogin (3.6) on Windows 11 and I just wanted to confirm that your existing blur method worked perfectly. I did not end up having to add anything to your code.

[mlibre2]

@WildByDesign Thanks for testing, I confirmed it.

[rcmaehl]

What if I forget my password?

[argumentum]

...reboot ?

[rcmaehl]

2 minutes ago, argumentum said:

...reboot ?

I mean GitHub says to have to run on startup with starts it auto-locked 

[mlibre2]

6 minutes ago, rcmaehl said:

What if I forget my password?

In that scenario, when setting up autorun, you can enter safe mode without an interface until you reach the console, navigate to where the script is and modify the parameter in the config.ini file, leaving the PassHash key blank and then you can generate another one.

 

15 minutes ago, argumentum said:

...reboot ?

It's not so easy to avoid it

[argumentum]

... a friend once told me to kill myself and stop complaining. ...I never did kill myself...  
This is a nice looking toy. I'd use it if I had to but I don't see a scenario where I can't just lock the PC with "Win + L".

At times I make a "service VM" where it logs in by itself to run stuff as user from the desktop, then lock the desktop ( or not, is a VM )
Again, is a nice looking script and does what it claims.

I did wonder why the convoluted "PassHash" setup but if you got that far, you know what you're doing, so is a good deterrent, to avoid the "click-click-ers" and shoot themselves in the foot.

Edited Tuesday at 03:08 PM by argumentum
English

[mlibre2]

This method would be a deterrent alternative for those who know and are aware of the vulnerability of being able to bypass the user's password, with the typical command

net users nameUser *

This script adds an additional layer of security 

[rcmaehl]

I wonder if @guinness remembers a similar program from their pre-MVPdeveloper PortableFreeware days. 

Granted that was... nearly 16 years ago.

Edit: Oh yeah, they're a dev now

Edited Tuesday at 03:40 PM by rcmaehl

[mlibre2]

New release available v3.7 

[argumentum]

#pragma compile(Icon, C:\Program Files\AutoIt3\Icons\au3.ico)

the portable exe does not show an icon

[mlibre2]

8 hours ago, argumentum said:

#pragma compile(Icon, C:\Program Files\AutoIt3\Icons\au3.ico)

the portable exe does not show an icon

If I tell you a curious fact... since I started testing the script on builds >= 22000 "windows 11", I get this problem: "unable to add resources", so I decided to remove that directive and insert the icon using the /icon parameter directly when compiling, but I made a typo in the workflow and the icon was not included.  It should be corrected for future versions.

[mlibre2]

New release available v3.8 

[spudw2k]

What drove you to change the LockWorkStation API function from a DllCall to using rundll32.exe? 

[mlibre2]

10 hours ago, spudw2k said:

What drove you to change the LockWorkStation API function from a DllCall to using rundll32.exe? 

Since the explorer is suspended, it usually takes a few milliseconds to unlock, so if the session is blocked before then, the screen goes black and unresponsive. I assume this is because the API is running too quickly; therefore, I changed the methodology, giving me more time to execute the action.