Lockout 2.2 is a password protection "screen locker". It displays a window over the entire screen and does not relinquish control of a Macintosh computer system without a user first entering a valid password. The user can not get to the Finder to change applications, so Lockout 2.2 keeps running until a valid password is entered. An arbitrary number of passwords can be assigned. Also, a comprehensive "Log" TEXT file is maintained for later auditing. DON'T double click on the Log file - this will result in launching Lockout 2.2. Instead, open the Log file with any text editor.
Lockout 2.2 does not interfere with network or printing operations. If you have a published folder on your Macintosh and Lockout 2.2 is running, others connected to your network will still be able to mount the published volumes. (Note: This is a feature, not a bug. It IS possible to disable network and printing operations by speciying "Always use GetOSEvt" in the Supervisor's Dialog -- more on that later)
Lockout 2.2 uses no menus, just a black menu bar.
To run Lockout 2.2, just double-click on it like any other application.
To make Lockout 2.2 "self-launch" after a specified number of minutes of "Idleness" (i.e., no mouse movement or keyboard action), use IdleLaunch 1.2.
SUPERVISOR's Dialog Box
-----------------------
Fist, the Lockout screen will be shown, asking you to "Enter your user ID:". Enter "MASTER" and click the "OK" button, or hit the return key. Until you change it, the master password will be "MASTER". This brings you to the Supervisor's Dialog:
In the Supervisor's Dialog is a list of all valid user IDs (Only one, "MASTER", the first time run). The FIRST ID in the list will ALWAYS bring you to the Supervisor's dialog box. Here, you may add users, or change passwords, including the Supervisor's ID "MASTER". An ID may be changed by selecting it in the list and clicking the "Change" button. IDs may be added by clicking the "Add" button. Both Change and Add display the following dialog:
Passwords may also be deleted, but Lockout 2.2 will NOT let you delete a password if it is the only one left (i.e., it is the master password). To delete a password, it must be selected (You can select a password in the list by simply clicking on it), then just click on the "Delete" button. Changes to the valid password list take place in "real time" (There is no Cancel button).
When an invalid password is enterd, a Warning Dialog is displayed. If you are comfortable using ResEdit, you may customize this dialog -- just be sure to leave the user items and Text Field (and DON'T change their IDs!). If the prospect of using ResEdit makes you squeamish, at least you can customize the Warning Dialog text by clicking on the "Change Warning Text" button, which displays the following dialog:
"Set Message Text" lets you customize the text displayed on the Lockout screen.
"ScreenSave Time" is the time in minutes and seconds until the protection screen will go black if the system is idle. The following dialog is displayed:
"Allow Password Changes" allows users to change their passwords by entering their current password and holding down the Option key when hitting return or clicking in the OK button. The "Add or Change User ID" dialog box will appear to allow the user to change his/her password.
"Restart on Cmd-Opt" will let Lockout 2.2 call the shutdown manager and try to re-start if the Command-Option key combination is sensed. This prevents "power users" from using Command-Option Escape to force Lockout 2.2 to Quit. Enabling this option and then trying to do a Command-Option-Escape will result in a system restart, or system lockup, in which case the "power user" will have to do a hard restart anyway (programmer's switch), and Lockout 2.2 will again get loaded and lock him/her out of the system.
For Added SECURITY
------------------
Place the Lockout 2.2 and IdleLaunch 1.2 applications in the same folder. Make an alias of IdleLaunch 1.2, and put the alias in the Startup Items Folder in the System Folder. Configure IdleLaunch 1.2 (see ReadMe for IdleLaunch 1.2) to launch Lockout 2.2 on startup with a delay of 5 seconds. This insures that Lockout 2.2 and IdleLaunch 1.2 will be run when your Mac is first turned on. This will foil most unauthorized users, but an experienced hacker will know that all he has to do is insert a different system disk at Boot-up , and Lockout 2.2 will not launch, because this new startup volume no longer contains the Lockout 2.2 program. To prevent this from happening, purchase a disk drive lock (Kensington makes one) -- which will prevent anyone from inserting a floppy disk to begin with.
SCREEN SAVER Support
---------------------
Lockout 2.2 has been tested with and is compatible with Pyro®, After Dark®, and Møire™ Screen Savers. I hope it is compatible with others!
Final Note
---------
Lockout 2.2 is a bare-bones security program. It will NOT stop a determined hacker, and passwords are not encrypted or anything.
To keep unauthorized "casual" users from getting onto your system, Lockout 2.2 works extremely well, and is very reliable. I have been using this system on IIci, IIcx, and IIx systems for over two years now, and have had no trouble.
