You can use Windows 95 security to prevent unauthorized access to the network and to shared resources on computers in a network. The following security features are built into Windows 95.
Unified logon prompt.
With Windows 95, users can log on to all networks and Windows 95 at the same time. If a user's password for Windows 95 or for another network is the same as the password for the primary logon client, Windows 95 automatically logs the user on to Windows 95 and all networks using that password. For more information, see "Using the Windows 95 Logon Password " later in this chapter.
Windows 95 logon security.
With system policies, you can prevent users from logging on to Windows 95 if their Windows NT or Novell® NetWare® network logon is not validated. To require validation by a Windows NT domain controller or NetWare server before allowing access to Windows 95, you must use system policies to enable Require Validation By Network For Windows Access. For more information, see Chapter 15, "User Profiles and System Policies."
User-level or share-level security for peer resource sharing.
When a computer is running Windows 95 with File and Printer Sharing services, other users can connect to shared printers, volumes, directories, and CD-ROM drives on that computer. To protect these shared resources, Windows 95 provides user-level and share-level security. With user-level security, a user's request to access a shared resource is passed through to a security provider, a Windows NT or NetWare server, which grants or denies the request. With shared-level security, users assign passwords to their shared resources, and any user who can provide the correct password can access the shared resource.
Note
You can use user-level security without installing File and Printer Sharing services, such as when using the Remote Registry service.
Password caching.
When a user first types and saves a password when connecting to a password-protected resource, Windows 95 caches the password in the password list file. Logging on with a Windows 95 password unlocks the password list file and associates those passwords with the Windows 95 password. To the user, it seems as if the passwords for Windows 95 and for password-protected resources are the same. If password caching is disabled, users must type the password each time they connect to a password-protected resource.
Password List Editor.
This tool allows you to view and delete the contents of users' password list files.
Password controls in system policies.
You can use system policies to enforce a password policy with greater restrictions, including the following:
Other system policies.
You can define policies to prevent users from enabling peer resource sharing services and to enforce other security components, such as preventing users from configuring system components. For more information, see Chapter 15, "User Profiles and System Policies." See also "Using System Policies to Enforce Password Security" later in this chapter.