passwords

Everett Cox · From: Marengo, OH, USA (deceased)

On another recent thread, some folks described problems and solutions(?) about passwords.

First off, web sites that use logon and/or passwords will generally create a 'cookie' in the 'windows\temporary internet files' folder -- I am not aware of any sites that utilise the Windows' .PWL files. Do not arbitrarily delete the .PWL files - rename them if you think they might be corrupt. (So that you can restore them when it turns out the problem was caused by something else.)

When you use your browser's option to 'delete' the temporary internet files, that normally does NOT delete 'cookie' files. While you CAN often manually delete those cookies, be aware that there are also other 'cookie' folders and cache files. Just deleting one from the temporary file may cause additional problems.

I highly recommend a small FREE utility called 'GATOR' to ease your logon/password problems. www.gator.com Once installed, you have the opportunity to give it whatever info you wish about your name, address, credit card, email, etc. None of this is required but, if available, the program can use it to 'fill in' web forms or you can do simple 'copy & paste'.

Mostly, though, Gator shines at remembering passwords. When you are first required to logon a site that Gator hasn't seen before, a popup will appear asking if you want Gator to remember the data. If you allow it, the next time you go to that site, Gator brings up the info for you. Just one click to accept. VERY, VERY handy program!!! --Everett

Chip Fossa · From: Monson, MA, USA (deceased)

Thanks Everett,
With 'gator', can I just jump in it? Or do I
1st have to remove my password/username?....
if I can ever locate it.

Chip

Tom Diemer · From: Defiance, Ohio USA

Hi Everett,

A good information sight on the PWL files is http://webdon.com/vitas/pwl.htm

I found quite by accident, that certain internet sights that require login name and password, use the PWL file to cache usernames and passwords. One I found, was a company that logged in to a sight to download price lists and upload orders. First it wouldnt save their info, then internet explorer would crash completely if they tried. Eventually, windows wouldnt even start up without getting errors. Replacing the PWL resolved the problem.
Another was a user who liked to use Yahoo games. Similar symptom. Illegal op's when trying to log in to Yahoo.

I'm in total agreement with you, not to delete those files, unless all other options are gone. But since it is used for password caching, it will quickly rebuild itself.

Also, I found that logging in with a new name, to bypass the PWL, did not help. The bad file had to be removed. ( the reason, it turned out, was the entry to the bad file was still listed in system.ini, and IE looks at them all if it doesnt find what it wants in the current one )

Below I copied a bit of info from that web sight, on how internet explorer uses PWL files for login security. FWIW...

Quote:

PWL file is a secured database. Each record has three fields:

1. Resource type (0..255)
2. Resource name
3. Resource password

Resource type 19 - WWW resource (used by Internet Explorer). Resource name has following syntax: DomainName/Page title . Resource password contains login name and password separated by colon. For example John:abc

You can use pwlview (note: they sell this program) program to examine current user's PWL file contents.

End of quote.

Hope this helps explain my comments.

Tom

erik · Posted 20 Jun 2001 6:21 pm

I am confused about this information. Are you talking about auto logins? Or any login? I can use a totally different computer and log into a site. Isn't that what a user name and password is for? Can you clarify what you mean?

Everett Cox · From: Marengo, OH, USA (deceased)

Tom-- Thanks for the info. As stated, I don't know of any web sites that use Windows' .PWL file(s). Since the protocol is undocumented, MS could change the rules at any time. That would make using the PWL file a risky method for site designers to use.

Chip-- Gator has nothing to do with any other password programs/files that may be on your computer. It is a completely independant utility. If you download and install it, you will be presented with some screens on which you can enter several pieces of information. Type in as much data as you wish about your name, address, phone, credit card, email, etc.

Web sites that use standard HTML code protocols will automatically trigger Gator to pop up whenever they ask for those types of info. (For instance, if you're requesting a catalog from Musician's Friend and they give you a screen to type in your Name, address, etc. When Gator senses that screen, it will open its window with your data. You can then allow Gator to auto-fill or you can select individual fields and 'drag & drop'.)

Similar thing for web site logon and password. If the web designer used standard HTML coding, Gator senses the request for user name and/or password and pops up a small window. If Gator has previously been given the data, you just click once to get logged on. If Gator does not have the data, you must enter it as normal but then Gator asks if you want it to save the logon data and will then have it for the next time you go to that particular site.

Eric-- We're talking about the logon data that may be required for particular web sites. Some sites ask for a user name and password which may get stored in a cookie for future access. Some sites do not store the logon and expect you to key in the data each time.

In any case, the data may get deleted, corrupted, or forgotten. Gator (and many other similar utilities) provides you an easy way to save and retrieve logon info. Gator saves the data in its own file along with the URL of the web page.

Jack Stoner · From: Kansas City, MO

According to what I got from Microsoft the .pwl file is associated with the "Windows Logon" only.

I researched how to eliminate the windows logon, when windows starts, and the procedure for eliminating the logon includes renaming all the .pwl files to .old.

Here's is the procedure in case anyone is interested.

To prevent Windows from prompting you for a password at startup:
1. Click Start, point to Settings, click Control Panel, and then double-click Network.
2. On the Configuration tab, click Windows Logon in the Primary Network Logon box, and then click OK.
3. When you are prompted to restart your computer, click No.
4. In Control Panel, double-click Passwords.
5. On the Change Passwords tab, click Change Windows Password, select any of the check boxes that you want, and then click OK.

NOTE: If you cancel the network logon dialog box when you start your computer, the Change Passwords tab may not be available. You must log on so that the Change Passwords tab is available.
6. In the Change Windows Password dialog box, type your current Windows password in the Old Password box. Leave the New Password and Confirm New Password boxes blank, click OK, and then click OK.

NOTE: If you have forgotten your old password, view the following article in the Microsoft Knowledge Base:
Q189126 Microsoft's Policy Regarding Missing or Invalid Passwords
7. On the User Profiles tab, verify that the All users of this PC use the same preferences and desktop settings option is selected, and then click Close.
8. Click Start, point to Search (or Find), and then click For Files or Folders.
9. Type *.pwl in the Named box, click Local Hard Drives in the Look in box, and then press ENTER.
10. Right-click one of the .pwl files, click Rename, and then rename the file with an .old file name extension. Repeat this step for each .pwl file.

NOTE: If you do not rename the .pwl files, the passwords from those files may be detected by Windows and the Windows Logon request may continue to appear.
11. Shut down and then restart your computer.

Forum Index > Computers		Next oldest topic :: Next newest topic

All times are GMT - 8 Hours	Jump to: