Don't end your administrator password with S or L

You go to your Windows server and notice that the monitor is dark. (The power save feature has kicked in because the server hasn't been used for a while). You figure the computer is locked as well (since you have either a corporate policy or group policy that dictates such), so you quickly hit Ctrl+Alt+Delete, followed by the password of the account you know is probably logged onto the console session, and hit Enter.

And you do this all before the monitor fully activates, because your time is too valuable to wait for the monitor to activate and show you the Ctrl+Alt+Del logon screen that must be waiting on the server. Besides, if someone else is currently logged onto the console session/server, the log-on attempt will fail and you can just type in the correct password once that monitor has fully powered up.

Here's the issue. While the screen is dark, the console session may not actually be locked. You essentially just hit the Ctrl+Alt+Del keys while the console session is open. So you don't actually see the Windows Security dialog box appear along with its five option buttons.

Accidental server shutdown

Why is this an issue? Because i

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Windows Server Security Top Windows server hardening standards and guidelines Windows server hardening: How much is enough? Overlooked security in Windows Server 2008 Easing security concerns with Server Core for Windows 2008 Windows PowerShell: A backdoor to malware? Checking access permissions with Server Share Check Setting CD drive permissions in Windows XP for security reasons Microsoft further tightens security in Windows Server Harden the Remote Access Server Restricting cached credentials in Windows Windows Systems and Network Administration Cutting the cost of Windows identity and access management Using NTFS on a non-Windows OS with NTFS-3G Group Policy Object modeling simplifies network security Implementing simple Network Access Protection for Windows Server 2008 Immediate steps for Windows disaster recovery Tips for Windows domain controller optimization Quick hits: Troubleshooting service account failure, batch job execution Case Study: Troubleshooting Windows service dependency failures Troubleshooting common Windows service failures Reducing the size of network backups in Windows

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

n the above scenario, if you have a password that ends with the letter "S" or "L," you'll actually be sending the command to shut down or log off when you hit Enter. Once the monitor comes online, you'll see your logged-on session will either be logging off or shutting down the server on you.

To recreate this issue, log onto a server using its console (aka the keyboard and monitor connected directly to the server). When you hit Ctrl+Alt+Del, the Windows Security dialog box appears. Now hit either the "S" or "L" key. It will activate the appropriate button. Then a final corresponding "Are you sure you want to do this action?" window appears. If you hit Enter, that action is applied.

Maybe I'm the only administrator dumb enough to have done the above enough times to actually warrant writing about it, but if nothing else, maybe I can keep you from accidentally performing this embarrassing (and potentially career-threatening) mistake by not using passwords that end with a letter "S" or "L."

About the author: Tim Fenner (MCSE, MCSA: Messaging, Network+ and A+) is a senior systems administrator who oversees a Microsoft Windows, Exchange and Office environment. He is also an independent consultant who specializes in the design, implementation and management of Windows networks.

More information on this topic:

Rate this Tip To rate tips, you must be a member of SearchWindowsServer.com. Register now to start rating these tips. Log in if you are already a member. Submit a Tip DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.