Tip

Don't end your administrator password with S or L

Are you prone to typing like a madman without giving thought to the consequences? If so, you may have encountered the following scenario and caused yourself some headaches.

You go to your Windows server and notice that the monitor is dark. (The power save feature has kicked in because the server hasn't been used for a while). You figure the computer is locked as well (since you have either a corporate policy or group policy that dictates such), so you quickly hit Ctrl+Alt+Delete, followed by the password of the account you know is probably logged onto the console session, and hit Enter.

And you do this all before the monitor fully activates, because your time is too valuable to wait for the monitor to activate and show you the Ctrl+Alt+Del logon screen that must be waiting on the server. Besides, if someone else is currently logged onto the console session/server, the log-on attempt will fail and you can just type in the correct password once that monitor has fully powered up.

Here's the issue. While the screen is dark, the console session may not actually be locked. You essentially just hit the Ctrl+Alt+Del keys while the console session is open. So you don't actually see the Windows Security dialog box appear along with its five option buttons.

Accidental server shutdown

Why is this an issue? Because in the above scenario, if you have a password that ends with the letter "S" or "L," you'll actually be sending the command to shut

    Requires Free Membership to View

down or log off when you hit Enter. Once the monitor comes online, you'll see your logged-on session will either be logging off or shutting down the server on you.

To recreate this issue, log onto a server using its console (aka the keyboard and monitor connected directly to the server). When you hit Ctrl+Alt+Del, the Windows Security dialog box appears. Now hit either the "S" or "L" key. It will activate the appropriate button. Then a final corresponding "Are you sure you want to do this action?" window appears. If you hit Enter, that action is applied.

Maybe I'm the only administrator dumb enough to have done the above enough times to actually warrant writing about it, but if nothing else, maybe I can keep you from accidentally performing this embarrassing (and potentially career-threatening) mistake by not using passwords that end with a letter "S" or "L."

About the author: Tim Fenner (MCSE, MCSA: Messaging, Network+ and A+) is a senior systems administrator who oversees a Microsoft Windows, Exchange and Office environment. He is also an independent consultant who specializes in the design, implementation and management of Windows networks.

More information on this topic:


This was first published in June 2007

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.