Secure login is a term used to describe the process of logging in to a computer system using two or more different keys. This process is designed to protect your personal information and ensure that you are not accessed without your permission. One of the most common ways to secure login is by using a password. A password is a series of characters that you use to log in to a computer system. Your password can be anything that you remember and are comfortable with, such as your name, address, or other personal information. Another way to secure login is by using two or more different keys. This process is called two-factor authentication. Two-factor authentication means that you need to provide both your username and your password in order to log in. This process can be helpful if you are frequently accessed the computer system and want to protect yourself from unauthorized access. Finally, one of the most important ways to secure login is by using a security code. A security code is a set of numbers or letters that you enter into the computer system in order to log in. The code can help protect your personal information and ensure that you are not accessed without your permission.
Adding an extra layer of security is never a bad thing, but you may find yourself wondering about the benefits you actually gain from said layer. Today’s SuperUser Q&A post explains what makes “Secure Login” secure for a curious reader.
Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.
Photo courtesy of Matt Biddulph (Flickr).
The Question
SuperUser reader Nexusfactor wants to know what makes Secure Login (Ctrl+Alt+Del) secure:
What makes Secure Login (Ctrl+Alt+Del) secure?
The Answer
SuperUser contributors duDE and Louis have the answer for us. First up, duDE:
Followed by the answer from Louis:
Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.
In Windows, there are actually different types of desktops. The one that we work in is what we all call the desktop, but has been known by other names such as default, interactive, or application desktop. It is here that any given application can run.
The login screen is actually an entirely different kind of desktop, a secure desktop where only trusted processes are running as SYSTEM. While the key combination will guard against fake login screens, it does not protect against a virus infection that is keylogging all of your keystrokes. The desktop concept adds further protection here by not allowing such a background program access to what is happening on the secure desktop.
You can picture this isolation by remembering what happens to the default desktop when UAC prompts appear. You will notice that UAC prompts are actually in one of these secure desktops.
You can also imagine what the isolation means in terms of security when considering a virus that spoofs your mouse pointer. The UAC team blogged about such a scenario:
