Is there a program that offers desktop password protection for shortcuts? My
system is Windows Vista Home Edition. I have a few shortcuts/Icons on my
desktop I want to keep private. I’ve seen answers about managing administrator
controls and user accounts, etc but that won’t help me. I keep my computer on
and signed in at all times so there is no changing of users, if I step away
from my desk I’d like to be sure no one can click on a desktop Icon and access
these files. Logging off and on throughout the day to avoid unauthorized access
is not an option for me. I am looking for one that will prompt for a password
when the icon is clicked.
The short answer is no – I know of no way to do exactly what you
And to continue along that line, doing exactly what you describe –
password protecting the shortcuts – won’t help. Protecting a shortcut to a
document is not the same as protecting the document itself.
Let’s look at some possible alternatives.
To be completely honest, for the scenario you describe, logging off really is the right thing to do.
In fact, depending on who you’re protecting these documents from and how aggressive they might be, turning off and locking might also be called for. Remember that ultimately nothing is safe if someone has physical access to your machine, which it sounds like they do.
Now, as I alluded to earlier, even if you password protect the shortcut to a document, there’s nothing to prevent someone from bypassing the shortcut and using perhaps Windows Explorer to locate and access the document directly.
If leaving your machine on and unattended is a requirement, (and I’m assuming that a password protected screen saver is also not an option for you), then encryption is really the only answer, and even then it needs to be used judiciously.
Three approaches come to mind:
Application-based protection. Applications like Word and Excel and others often have the ability to password protect a document themselves. When this is done correctly, the password must be provided to read or modify the document.
Application-based protection has a somewhat troublesome history. You’re relying on each application to get passwording and encryption right so that it’s non-trivial or near impossible to crack into a protected document. Many applications have, over the years, gotten this very wrong. Before you rely on this, make sure to check out the security reputation of any applications you’re using.
For your scenario if you’re just looking to protect yourself from casual passers by, and the applications you’re using support this, then it may well be the most pragmatic solution, especially since no additional software is required.
The problem with this scenario is that it’s a cumbersome process to maintain your documents, and easy to leave an unprotected copy lying around. To edit the document you would:
- Decrypt compressed file.
- Edit your decrypted file.
- Re-encrypt the file.
- Remember to delete the decrypted copy. (Securely, if that matters.)
Those last two steps are trivially easy to forget any time you walk away from your computer.
Create an encrypted volume. Longtime readers know I’m a big fan of TrueCrypt. In fact, as I type, this the document is stored on an encrypted volume on my laptop as I’m away from home. If my laptop’s stolen, it and anything else I’ve placed on the volume remain safe.
With an encrypted volume, you create a “fake” or pseudo disk volume that appears as another drive letter on your machine. Write documents to that disk and it automatically encrypts them, and reading them automatically decrypts them. It’s totally transparent to every application you might want to have access the file.
Usage is simple: to gain access to the contents of the volume, you “mount” it at which time you provide the password (or more preferably, a longer pass phrase), at which point the entire volume contents are available. When you’re done, you close all files on the volume and dismount it. Everything on it is completely inaccessible until the next time you mount it.
When stepping away from your computer you would simple make sure documents are closed, and dismount the volume. Alternately, one nice feature that might also work for you is that volumes can be auto-dismounted after some period of inactivity.
Honestly, I’m still of the mind that walking away from your logged in computer is a bad idea if there’s any concern about protecting the data thereon. Logging out, or at least having a screen saver kick in that requires a password on your return is perhaps the best approach.
However, if you insist, perhaps some of the alternate ideas above can work for you.