Summary: Passwording a desktop shortcut, while theoretically possible, wouldn't really accomplish the goal of securing information. We'll look at alternatives.
Is there a program that offers desktop password protection for shortcuts? My system is Windows Vista Home Edition. I have a few shortcuts/Icons on my desktop I want to keep private. I've seen answers about managing administrator controls and user accounts, etc but that won't help me. I keep my computer on and signed in at all times so there is no changing of users, if I step away from my desk I'd like to be sure no one can click on a desktop Icon and access these files. Logging off and on throughout the day to avoid unauthorized access is not an option for me. I am looking for one that will prompt for a password when the icon is clicked.
•
The short answer is no - I know of no way to do exactly what you describe.
And to continue along that line, doing exactly what you describe - password protecting the shortcuts - won't help. Protecting a shortcut to a document is not the same as protecting the document itself.
Let's look at some possible alternatives.
•
To be completely honest, for the scenario you describe, logging off really is the right thing to do.
In fact, depending on who you're protecting these documents from and how aggressive they might be, turning off and locking might also be called for. Remember that ultimately nothing is safe if someone has physical access to your machine, which it sounds like they do.
Now, as I alluded to earlier, even if you password protect the shortcut to a document, there's nothing to prevent someone from bypassing the shortcut and using perhaps Windows Explorer to locate and access the document directly.
If leaving your machine on and unattended is a requirement, (and I'm assuming that a password protected screen saver is also not an option for you), then encryption is really the only answer, and even then it needs to be used judiciously.
Three approaches come to mind:
-
Application-based protection. Applications like Word and Excel and others often have the ability to password protect a document themselves. When this is done correctly, the password must be provided to read or modify the document.
Application-based protection has a somewhat troublesome history. You're relying on each application to get passwording and encryption right so that it's non-trivial or near impossible to crack into a protected document. Many applications have, over the years, gotten this very wrong. Before you rely on this, make sure to check out the security reputation of any applications you're using.
For your scenario if you're just looking to protect yourself from casual passers by, and the applications you're using support this, then it may well be the most pragmatic solution, especially since no additional software is required.
-
Single File Encryption. With this approach you might use a tool like 7-Zip or Axcrypt to compress and password protect individual files.
The problem with this scenario is that it's a cumbersome process to maintain your documents, and easy to leave an unprotected copy lying around. To edit the document you would:
- Decrypt compressed file.
- Edit your decrypted file.
- Re-encrypt the file.
- Remember to delete the decrypted copy. (Securely, if that matters.)
Those last two steps are trivially easy to forget any time you walk away from your computer.
-
Create an encrypted volume. Longtime readers know I'm a big fan of TrueCrypt. In fact, as I type, this the document is stored on an encrypted volume on my laptop as I'm away from home. If my laptop's stolen, it and anything else I've placed on the volume remain safe.
With an encrypted volume, you create a "fake" or pseudo disk volume that appears as another drive letter on your machine. Write documents to that disk and it automatically encrypts them, and reading them automatically decrypts them. It's totally transparent to every application you might want to have access the file.
Usage is simple: to gain access to the contents of the volume, you "mount" it at which time you provide the password (or more preferably, a longer pass phrase), at which point the entire volume contents are available. When you're done, you close all files on the volume and dismount it. Everything on it is completely inaccessible until the next time you mount it.
When stepping away from your computer you would simple make sure documents are closed, and dismount the volume. Alternately, one nice feature that might also work for you is that volumes can be auto-dismounted after some period of inactivity.
Honestly, I'm still of the mind that walking away from your logged in computer is a bad idea if there's any concern about protecting the data thereon. Logging out, or at least having a screen saver kick in that requires a password on your return is perhaps the best approach.
However, if you insist, perhaps some of the alternate ideas above can work for you.
Related:
-
How can I password protect my documents? Keeping information private on your computer is harder than you might think. Some obvious solutions aren't as secure as we might like.
-
Can I password-protect a folder? Keeping data on your computer secure is important. Being able to password protect a folder seems an obvious approach. Unfortunately it's not that simple.
-
TrueCrypt - Free Open Source Industrial Strength Encryption TrueCrypt provides a solution for encrypting sensitive data - everything from portable, mountable volumes to entire hard disks.
Article C3765 - June 18, 2009
Then I ran into this:
http://download.cnet.com/Folder-Lock/3000-2092_4-10063343.html
if you have admin. rights
Posted by: sirpaul1 at June 23, 2009 9:08 AMThis was so informative. I asked Leo a similar question a couple of weeks ago, and I was glad to see it addressed. I did what JH advised. I didn't know you could do that!
Posted by: some gal at June 23, 2009 12:55 PMEveryone, thanks! I now have a password for the computer and have everyone lock it the way JH suggested. It may seem like basic information to everyone else, but I was amazed that I could do tha! It had weighing on my mind on how to limit access to the computer since it is out in the open and people are coming and going frequently.
Posted by: some gal at June 23, 2009 1:39 PMThis will be a little out of place for such an overtly Windows website but on Apple computers there is a "Guest Account" option. If I want to leave everything open and running but don't want anyone to access any of it all I have to do is click on the Guest Account. A new desktop, just like the regular one, rotates into view. The "Guest" can access only the files I've granted rights to. This way "guests" are unaware that they are not accessing 'my' computer. To get back all I have to do is click on my "account". The regular desktop rotates back into view and everything is open and ready for me to get back to work.
Posted by: Samuel at June 23, 2009 4:22 PMJust reading the question though - password protecting shortcuts on the desktop - Leo's initial suggestion, literally having a password on the screensaver is doing EXACTLY what is being asked of. Nothing more, nothing less.
Everything else is good but too cumbersome >
Posted by: David at June 23, 2009 5:25 PM