ANTICLICK: INCREASING DESKTOP SECURITY

Jason PetreyComputer Electronic

Networking Dept. of Technology

Eastern Kentucky University

2

OUTLINE Basic Idea Motivation Password Security Problem Statement Solution Conclusion Future Work

3

SECURITY GAP Windows user passwords are not

secure enough There is a need for a security

application to protect a user after the log on process, so I developed one

4

MOTIVATION During my studies at EKU I was shocked at

how unsecure the windows user password is.

I remembered a security program that I had started in high school.

Now had the knowledge and skills needed to complete the program I had started in high school.

5

PASSWORD SECURITY In 2003 a Swiss researcher

reduced the time it takes to crack a password like a windows users password from little less than 2 minutes to 13.6 seconds. (Lemos, 2003)

6

PASSWORD SECURITY Quick list of free ‘tools’

Ophcrack Offline NT Password & Registry Editor Cain & Abel LCP John the Ripper

(Fisher)

7

PROBLEM STATEMENT With the lack of security in

windows user passwords a program is needed to protect a user account after the user logs on.

8

PROPOSED SOLUTION Anticlick: Screen Lock

Clear form covering the entire screen. Blocks key combinations that could

normally bypass the program. Requires pressing two keys, defined by

the user, to bring up password entry, settings, or change password screens

9

PROPOSED SOLUTION Anticlick: Screen Lock (cont.)

Ability to run on startup/log on Email and text message warnings on a

user defined number of failed attempts at the password

All information protected with 3DES encryption (a three-step data encryption algorithm )

10

PROPOSED SOLUTION Anticlick: Administrator Control Panel

Provide administrator override password that will work for any user

Allows an administrator to edit anticlick settings on all local users who have already ran Anticlick: Screen Lock

All information protected with 3DES encryption

11

BLOCK DIAGRAM

12

MAIN FORM

PASSWORD FORMS

13

SETTINGS FORM

14

ADMIN CONTROL PANEL

15

KNOWN VULNERABILITIES Operating system that boot

from removable media Safe Mode An occasional bug that places

the start bar above the for that blocks mouse key strokes.

16

17

CONCLUSIONS When run on startup Anticlick is

an effective invisible layer of protection for a user. When ran manually it makes an effective screen lock.

When working with Visual Basic always start research on MSDN (Microsoft Developer Network)

18

CONCLUSIONS It is surprisingly easy to integrate

functions from external Dynamic-link libraries and windows API (application programming interfaces) functions into programs using Visual Studio, which helps a programmer create programs.

19

FUTURE WORK Multiple monitor support Windows service integration Remove the assumptions about the

host system that are hard coded to increase compatibility

20

FUTURE WORK Administrator Control Panel to

establish settings for users who have not yet ran the Anticlick: Screen Lock

Sell for profit or distribute as freeware /shareware

Permanent Email: jason.petrey12@gmail.com

21

REFERENCES Lemos, Robert. (2003, July 22). Cracking

Windows passwords in seconds. Retrieved April 10, 2010, from http://news.cnet.com/2100-1009_3-5053063.html

 Fisher, Tim. Top 5 Free Windows Password Recovery Tools. Retrieved April 10, 2010, from http://pcsupport.about.com/od/toolsofthetrade/tp/passrecovery.htm

22

PROJECT ACKNOWLEDGEMENTS WindowsHooksLib.dll from

www.vbforums.com Provided Keyboard Hooking

MSDN Microsoft repository of dot net

programming (including visual basic) and developer forum

23

PROJECT ACKNOWLEDGEMENTS sms411.net

How to send email to phones as text message

www.codeproject.com How to interact with the registry

www.dreamincode.net How to interact with the registry