After my research, you can set password protection for Windows startup from the following four aspects!
Password at the first layer: You can set BIOS password protection. There are two types of password protection at this layer. One is the SETUP password, that is, the password is entered only when the BIOS is entered. The other is the SYSTEM password, which is protected by the password entered when the SYSTEM is started. Here we can choose the second type, that is, SYSTEM password protection. We only need to enter the BIOS and set it accordingly.
Layer 2 password: PGP password protection. The Layer 4 password protection is the most secure, because it is encrypted by PGP. When setting, we only need to install the corresponding software to encrypt the entire hard disk we want to protect. When we start the system again, we must enter the corresponding password to enter the system. At present, there are no corresponding methods to crack this layer of protection, maybe I don't know. Currently, the other three methods have been cracked and implemented in quiet mode, that is, they do not change any information of the system.
Password Layer 3: syskey password protection, that is, the last password of the windows Password, that is, the password of the windows system is encrypted again. In this way, even if you know the windows Password and do not know the password, you cannot start the system.
Layer-4 password: This is our most common administrator password. Let me briefly describe what kind of security is set for the password. The password must be at least 14 characters in lowercase, uppercase, and numbers, A combination of special characters. At present, the security industry is also difficult to combine such methods.
Well, after the above four-layer password protection, our Windows is safer.
From: 0daysec.com