Before considering how to make it happen, first decide what you want to happen. For me I think that would be:
The PC has two security states: Open and Closed. At bootup it is always Closed. To switch from Closed to Open, you have to enter your Master Password. Although you have many passwords (for dialup, for various websites, etc) you only need to remember the Masterpass. To switch from Open to Closed should be made very easy, no password required. Have a manual method, such as clicking a tray icon, or a hotkey, and several auto methods, such as after system is idle for n minutes, whenever the screen saver happens, plus maybe a simple fixed time of n hours. Each user can decide all those things individually. As someone who knows nothing about encryption or writing dlls I would do it like this: Store all passwords in one .ini file. Every script or command which requires a password fetches it from the same ini file: [passwords] Dialup = mydialuppassword YahooGroups = myyahoopassword etc Encrypt the file any way that's easy, such as a password protected zip, using your Masterpass. When you wish to be in the Open state, unzip passwords.ini (use a less obvious filename if you prefer) always to the same path. When you dial, instead of using a command with a literal password like this: dundial other-parameters password use the command: dundial other-parameters &(ini.get,etc,etc). I'll leave you to work out a better do() statement. Do a similar thing with every other command which uses a password: use do( ... , ... , (ini.get(passwords.ini,etc)) That will only work when passwords.ini exists, and passwords.ini only exists when you have chosen to unzip it with your password. The various methods for changing from the Open to Closed state simply delete passwords.ini. In the Closed state, only the zip file encrypted with your master password exists. Write your scripts sensibly so a global or static variable is never set to a password retrieved from passwords.ini. As a safety precaution (in case a power failure means that the PC is switched off while the ini file still exists) make a very early startup item which deletes passwords.ini if it exists. In XP that could be in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT \CurrentVersion\Winlogon\Userinit because I think that is the first of all startup events, even before anyone has logged on - works for all users including admin, default, etc. The nice thing about the system described above is that every competent PowerPro user can design their own variations of it. The variety of individual implementations makes it more secure. ------------------------ Yahoo! Groups Sponsor --------------------~--> $9.95 domain names from Yahoo!. Register anything. http://us.click.yahoo.com/J8kdrA/y20IAA/yQLSAA/JV_rlB/TM --------------------------------------------------------------------~-> Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/power-pro/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
