GINA - Graphical Identification and Authentication DLL

by Wayne Maples [Published on 20 April 2004 / Last Updated on 20 April 2004]

Logon to Windows NT is controlled by Winlogon.exe. You can eliminate the logon with automatic logon , not recommended, or you can modify the mechanisms used. Some functions handled by winlogon are implemented with a replaceable DLL. The identification and authentication aspects of Winlogon can be replaced if an organization wishes to change the default gina, msgina.dll, which provides for account/password authenication with some other mechanism such as smart-card, biometrics, or PKI. There are opportunites for significantly improving NT's default authenication process. Samples GINAs can be found in the SDK's Gina and Ginastub folders under Mssdk\Samples\WinBase\Security\WinNT.

Related:
NT GINA information
GNU newgina
eliminate alt-cntl-del, run script at startup, shutdown, ...

This kind of twiddling with NT security might be necessary in a high security environment or you may want to eliminate alt-ctrl-del in a kiosk environment, but in general I would strongly recommend against this unless you really understand NT security or you have no need for security. It is possible for hackers or intruders to use this capability to inappropriately snoop, to capture any passwords entered on a workstation with a modified gina. See FakeGina on the NtSecurity.nu site for a working model of this threat. A particular threat for shared PCs or kiosk PCs with logon requirements (say a company library or cafeteria open terminal).

See Also

Featured Links