Tarek
As we all know we are able to make visible the wireless password for any connection saved in our preferred wireless network section in window 7 .
after so much researching i couldnt any solution for it . how can i hide it?is there any way to do so from a router ?
the user must remain an administrator so any replies about restricting user access arent valid
Joe
Logging in for any purpose (except administrative tasks) with admin permissions is a major security risk, and I believe Microsoft has disabled it since XP SP3 at least!
Concerning the question you asked, I'm no Windows expert, but basic security notions and understanding of what an "administrator" account is tell me that it is impossible to do what you want.
There is something fundamently twisted and wrong about restricting an administrator user. (Just like there's something fundamentally wrong with mutli-users sharing the same account on modern operating systems. But that's a whole other debate).
I strongly suggest you stop using the admin account unless absolutely necessary, and force each user to use his or her own login account.
Then again, I don't know anything about Windows so I might be completely wrong. (Or maybe they're the one completely wrong, depends on the point of view .... :P )
Tarek
yeah it can be done easily with UAC and you can restrict the admin
I have found a solution, which is not very elegant but it works.
The way is to find the key in the registry where you can unlock the viewing of the WIFI Key.
For that, you have to find a Key where the value is "CElevateWlanUi"
In my case, it was in HKEY_CLASSES_ROOT\Appid{86F80216-5DD6-4F43-953B-35EF40A35AEE}.
Under this key you have 3 values :
• The first one (default) with the value "CElevateWlanUi"
• The second one AccessPermission of type Reg_Binary with a binary value (does'nt matter to understand what it means)
• The third one is called DllSurrogate with a null value.
The way I solved the problem is to setup the authorizations of the main Key {86F80216-5DD6-4F43-953B-35EF40A35AEE} by a right-click, then "autorizations".
After you have to take possession of this key.
I setup the owner as our domain administrator.
For that click on the the button "Advanced" then on the tab "owner" and replace TrustedInstaller by the administrator of my domain.
Then, I came back to the main panel of authorizations of the main key.
I deleted the entry LAP505\administrators and the entry LAP505\domain users, and added the entry for my domain administrator with all rights. (LAP505 is the computer name)
I applied all the modifications.
I repeated the operation for the second occurence of the key :
HKEY_LOCAL_MACHINE\Software\classid\Appid{86F80216-5DD6-4F43-953B-35EF40A35AEE}
And when I logged on with a user with local admin privileges, I could connect to WIFI network, I could access to the network center but I could'nt unmark the "Hide caracters". It works!
Second point : As my users want also to connect their laptop at home on their box, I checked the possibility to add a WIFI connection and it worked also! The only restriction is that they can't see the key once it is entered (for modification, they have to delete the connection a re-create it.
do you think add a pin code can solve the issue? i mean the user even if he knows the password cant use the internet without a pin code ( WPS system )
Joe
Great you found a solution :)
Tarek
hehe R you must be extremely bored today
Georges
Damn. That's good.
Good post Tarek. Will definitely give it a try ^.^ - And what if it can be done in reverse, so that admins can never hide password xD
Tarek
if a user in my network is able to reverse ..well i guess he deserves to keep the password :)
this solution doesnt work on the owner ( the original user or administrator )
any one had any encounters with cisco WPS?
