Blaser WinUnlock

Key Benefits

      • Only allows enterprise and domain administrators the ability to unlock a user session
      • Seamless integration with Microsoft Windows
      • Allows for the logoff of multiple user sessions in a “Fast user Switching” scenario or “Switch User” scenario where multiple users can bog-down the computer.
    • Runs on all current versions of Windows - Windows XP, Windows Vista, Windows 7, Windows 8, Windows Server 2003, Windows Server 2008, Windows Server 2012

Blaser WinUnlock

Blaser WinUnlock allows system administrators to unlock and access a locked user session on a workstation. 

Blaser WinUnlock is a security audit and technical support tool that allows an enterprise or domain administrator to unlock and access a locked workstation and user desktop.  Traditionally, workstations computers are logged-on and used during an interactive session with the user in front of the computer.  Once a workstation is locked (selecting the "Lock Computer" or “Lock Workstation” option form the "Ctrl-Alt-Delete" screen (Winlogon Desktop), Windows will lock the workstation; securing it to allow only the current user the ability to unlock and use the workstation. 

Occasionally, a system administrator will need to access the user’s desktop to perform audits or to provide technical support.  For example, if a user is experiencing problems, needs software updates that must be installed under the current user (HKEY_CURRENT_USER registry key), it will be necessary to either inconvenience  the user by sitting with them to install the software.  This method is inefficient in that is wastes the user's time.  By default, Windows only allows the current user to unlock the computer. An administrator can unlock the computer; however, the current session will be closed along with all the applications started by that user. As a result, any unsaved work is lost. Users often must resort to powering a system down to regain access.

Blaser WinUnlock avoids all of these problems by offering system administrators the flexibility of unlock workstations to perform necessary audits, software installations, and provide technical support – all with logged activity so that the balance between convenience and security can be maintained. 

Blaser WinUnlock uses standard the Windows API and does not store or cache any passwords at any time.  Authentication attempts are handled by the standard Windows APIs, and upon successful authentication and group membership verification, the user session is unlocked.  Once a user session is unlocked, an overlay on the user desktop displays basic system environment variables for the convenience of the administrator.  The overlay also provides an alert to the administrator, and those around, that this is not a regular interactive session. 

Desktops will re-lock after 2 minutes of inactivity and return to the Winlogon Desktop (Ctrl+Alt+Delete screen).  This is to avoid any accidental unlock and distraction factors by the administrator,.

For added security, unlock events are verified with the Domain Controller for the member workstation, and then logged both in the Domain Controller and Local Computer security Event Log.  This audit trail ensures that security cand an audit trail can be maintained within the organization.