Secure User Accounts
For normal user accounts, password protect them! Enforce password complexity and length (8 character minimum, 15 recommended) Password protect & disable the Guest account.
WARNING: Entering the wrong settings can break Windows (this is not a pun & I mean the OS kind). Do not experiment with these settings in a production environment.
For 2000 or XP Pro machines, you can use the Group Policy editor to lockdown settings further. Run gpedit.msc. The settings you may want to change are under Computer Configuration/Windows Settings/Security Settings. A description of what each entry does can be found here.
Hackers may attempt to log on to your system or file shares remotely. If your password is a common word or phrase, a dictionary attack will crack it quickly. Using a name, address, or birth date as a password is also unwise; they're the first things a hacker may try. A strong password is one that is at least eight characters long; contains characters from at least three of these four categories: uppercase letters, lowercase letters, numbers, and punctuation; and does not contain your username or any part of your full name.
Back to Security
