Tech – for Everyone

Tech Tips and Tricks & Advice – written in plain English.

Strong passwords, hidden Admin

Some basic security pointers–#1 was one of my first articles and it appeared 6/9/07– 

Is your computer a zombie? You can never be too secure, and neither can your PC. These few steps will go a long way in keeping your private information away from prying eyes, and prevent your machine from being used as a “zombie” by tech-savvy evil doers. (Most owners of zombie PCs are totally unaware that their computers are being used in this way.)

Tip of the day: The two basic steps I will discuss today– password protecting your User Accounts (and requiring logging in), and renaming your Administrator Account– should be prefaced with a quick description of what is, exactly, a strong password.

Strong passwords should be “complex”. That means that they should contain both upper and lower-case letters, special characters (!@#$%^&*(){}[]) and numbers, and be at least eight characters long, and–most definitely–not be a word found in the dictionary (or a name). Your passwords (notice the plural. It is not wise to use the same password for everything.) will be easier to remember if you make them into a ‘passphrase’. An equestrian might use a passphrase of 1Lu^h0rsez, for example.

Now that you have a good password, it’s time to require authentication to use your machine. Start by clicking on Start>Control Panel>User Accounts (or Start>Settings>Control Panel>User Accounts. Depending on your version and preference setting). Then click on “Change an account,” and then click on “Create a password for your account.” Enter your password, twice, and if you’ld like, a password “hint” that will remind you (but not clue in the whole world) of your new password. Click “Create password.”

Now, since knowing your User name is half the battle, click on “Change the way users log on or off.” Deselect (by unchecking the check in the checkbox) “Use the Welcome screen.”

Unbeknown to most folks, Windows has a hidden Administrator account (this becomes vitally important when troubleshooting failing systems, or when User accounts get “locked out”) named “Administrator”. Hackers are well aware of this, and it is their favorite method of gaining access (and control over) your machine; since they know the User name (Administrator), all they have to do is guess the password–which by default, and unless you set one, there isn’t one!
Remedy this in XP Professional by going to Control Panel>Administrative Tools (you must use Classic View) and clicking on Local Security Policy. Then in the left column click on the plus sign next to Local Policies, and then click the Security Options folder (If you receive a warning about Group Policy, just ignore it) and a series of policies will appear in the right pane. The 4th or 5th one from the top should be “Accounts: Rename administrator account”. Double click on it and a dialogue box will open. Enter a new name, and click Apply, and OK.

In XP Home, the method is to click Start>Run. In the Run dialogue type in “Control userpasswords2” [no quotes] and click OK. From the User Accounts dialogue box, select the Administrator Account and click Properties. Enter the new name in the User Name text box, and click OK.

(For other versions of Windows the methodology is similar, but I recommend Searching Microsoft’s website for the specific steps.)

The last step is to congratulate yourself, because you have just made your computer much, much harder for a determined cracker to penetrate, and practically eliminated access to the casual browser.

Today’s free link: Steve Gibson’s ShieldsUp! This free scan, offered by a true giant in the computer field, analyzes your computer for vulnerabilities coming from the Internet, and tells you how your private data may be visible to outsiders. This link will appeal to the more tech-savvy, and be an eye-opening experience for those of you who have not learned about firewalls yet.

Copyright © 2007-8 Tech Paul. All rights reserved.

Share this post :

February 26, 2008 - Posted by | advice, computers, how to, passwords, PC, privacy, security, tech, User mode, Windows, XP | , , , , ,

2 Comments »

  1. Man , I only came here cause I orgot my password and it’s not in here !!!!

    Like

    Comment by Hally | August 4, 2008 | Reply

  2. Hally–
    I am sorry you were directed to this article. My article on forgotten passwords is here, https://techpaul.wordpress.com/2008/01/22/preventing-password-lockout/, but as you can see from the title, this is more of a preventative than a cure.

    If you’re talking about your User Account logon, and gaining access to your desktop, Logon as “Administrator”, and not your usual User name.
    Once you’re in as Administrator, go to Control Panel > User Accounts. Click on your User Account and then “Change password”. Give your account a new password, and reboot. Now you should be able to log on with the new password.
    * You may have to first boot into Safe Mode to access the Administrator account without being asked for a password.

    Like

    Comment by techpaul | August 4, 2008 | Reply


Post your Comment/Question

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: