Guide Categories:  Home | Drivers | Web Development | Hardware | Internet | Q & A | Tips & Tricks | Write
Tips and Tricks Silicon Guide
Search SiliconGuide:

Web Development
Technical Q & A
Tips & Tricks
Write to Us

Boosting Windows 3.1 security

win31.jpg (11940 bytes)By Eric Georgieff
August 1999

Compared to Windows NT, Windows 3.1 and 95 offer little security, yet there are a few ways that you can increase the security of Windows 3.1, simply by editing an *.ini file.

I found out this little trick one day, when I was using a program designed to boost the security of windows 3.1.  After configuring all the options of this program, I later opened the file progman.ini, and noticed the file had been edited by that application, in order to add certain restrictions to Windows 3.1.  I wondered if I could simply add this to the progman.ini file of another computer to have the same effect, without installing the security program.  I tried it, and it worked.  Why would anybody buy that shareware program when all it does is edit a text file stored on your computer.   In any case, here are a few ways you can keep unwanted people away from your Windows 3.1 workstation.

Launch a text editor such as the Windows Notepad (Start > Accessories > Notepad), and open the file called progman.ini which is located in your windows directory.  In this file, you will see two sections called [Settings] and [Groups].  Simply add a blank line after the last item of [Groups] and type [Restrictions] to add a third section.   You may then type the following lines:


You can now change the 0 at the end of editlevel for any of the following numbers: 1 to prevent the creating, deleting or changing of groups, 2 to prevent creating or deleting of program items, 3 to prevent the modification of command lines of program items and 4 to prevent  modification of program items.  Each number also includes the onces before it, for example, if you are implementing level 3 security, level 2 and level 1 security will also be activated.

If you put a 1 at the end of NoClose, the user will not be able to quit windows.   If you do the same to NoFileMenu, the user will not be able to access the file menu, severely limiting what he can do.  If you assign a 1 to NoRun, the user won't be able to run any program that is not already in a program group, and putting a 1 at the end of NoSaveSettings, the most useful of the options in my opinion, will prevent the appereance of the desktop to be modified, which means the location of all your groups as well as other options you set will always remain the same.

Save the file as a text file (if you used a word processor to modify the file, make sure it doesn't save it in it's own proprietary format) with a .ini extenison (it must be called progman.ini).  Next time you restart windows your changes will take effect.   Be careful however not to lock yourself out of your own computer.  If you find that that is the case, just go in dos, and type "edit c:\windows\prgman.ini" (without the quotes), and put it back to how it was before.  If windows loads automatically when you start the computer, type Ctrl+Break to stop you autoexec.bat file from automatically starting windows, in order to let you edit the file (shhh, don't tell anyone how to edit the file, or your protection will be rendered useless!).

I hope you find this PC TechPaper Trick useful.  Please send us your comments at

Home | Web Development | Hardware and Upgrading | Internet | Technical Questions & Answers | Tips and Tricks | Write to Us

Last modified on: Tuesday, October 15 2002 at 04:51 PM - UTC
Copyright 1999 - 2012 SiliconPharm Corporation, All Rights Reserved
Powered by Apache/2.4.10 (Debian) (More Info)