Set a strong password for Windows XP

Source: http://soft.yesky.com

Although the absolutely secure password does not exist, the relatively secure password can still be implemented. In WinXP, we can use local security settings to make our passwords stand the test.

1. Set a reliable Password

In the Start> Run window, enter secpol. msc and press enter to open the local security settings window ". You can also choose "Control Panel"> "Administrative Tools"> "Local Security Policy" to open this setting interface.

Expand "Account Policy"> "password policy" on the left side of the "Local Security Settings" window. A series of password settings appear in the right pane, you can create a complete password policy to maximize password protection.

● The force password history setting determines the number of passwords used by users. Many people know that changing the password is a good way to improve the security of the password. However, due to personal habits, changing the password is usually a limited number of passwords. By configuring this policy, the system can remember the passwords that the user has used. If the new password is the same as the one in the system's "Memory", the system will prompt you. By default, this policy does not save the user's password. You can set it according to your habits. We recommend that you save more than five passwords (up to 24 passwords can be saved ).

● The password retention period determines how long a password can be used and will expire later. When the password expires, the system will ask the user to change the password. If it is set to 0, the password will never expire. Generally, it can be set to 30 to 60 days. The specific expiration time depends on the strict security requirements of your system. The maximum number of days is 999.

● The minimum password retention period determines how long a password can be modified. If it is set to 0, a password can be reused without limit. The maximum value is 999. This policy is combined with "force password history" to know whether the new password has been used before. If yes, you cannot continue using this password. If the "password shortest retention period" is 0 days, that is, the password never expires, setting "force password history" does not work because no password will expire, the system will not remember any password. Therefore, to make "force password history" valid, set the value of "password shortest retention period" to greater than 0.

● The minimum password length policy determines the length of a password. The valid value ranges from 0 to 14. If it is set to 0, the password is not required. This is the default value of the system. From the security perspective, it is very dangerous to allow users who do not need the password. It is recommended that the password length be no less than 6 characters.

● The Password Must Meet the complexity requirement. If this policy is enabled, the system will check whether the password is valid according to the following rules when setting and changing a password:

◇ The password cannot contain all or part of user names.

◇ It must contain at least 6 characters.

◇ The password must contain three of the following four categories:

Uppercase letters ~ Z.

Lowercase letters ~ Z.

10 basic numbers, 0 ~ 9.

Special characters, such as "!", "$", "#", "%", Etc.

With this policy enabled, we believe your password will be safer, because the system will force you to use this secure password. If you do not meet this requirement when creating or changing the password, the system will prompt you and ask you to re-enter the security password that meets the requirements.

From the above settings, we can easily get the simplest and most effective password security solution, that is, first enable the "Password Must Meet Complexity Requirements" policy, and then set the "password shortest retention period ", finally, enable "force password history ". After the administrator password is set, the administrator password is reset on the "control panel". The password is not only safe (no less than 6 Characters and contains different types of characters ), in addition, it is not easy to repeat the previous change in the password in the future. Such a system password is highly secure.

Note: Because the password itself is complex and cannot be reused, you may use a password that you are not easy to remember, which leads to easy password loss. Although such a password is safe, you may not be able to enter the system any longer if you forget the password. Therefore, you must pay attention to the setting of "password prompt" when setting the password, so that you can remember what password is used at a glance.

Ii. Rename and disable the default account

After Windows is installed, the system automatically creates two accounts: Administrator and Guest. The Administrator has the highest permissions, and Guest has only the basic permissions and is disabled by default. This account is easy to set, but it seriously harms the security of the system. If a hacker invades or suffers other malicious damages, the Super User Name of the system will be immediately exposed, and the hacker will immediately find the password. As we mentioned earlier, the absolutely secure password does not exist. Therefore, for the sake of system security, you can change the Administrator account name, create a False Administrator Account with almost no permissions. The specific method is as follows.

Open the "Local Security Settings" dialog box, expand "Local Policy"> "Security Options" in sequence, and then click "account: Rename System Administrator Account" in the right pane, reset a plain user name for Administrator. Create a restricted user named "Administrator" to confuse intruders.

Note: The Windows XP Home version imposes great restrictions on the use of MMC-based security management, and the default Administrator user is hidden, the user name cannot be seen in the "User Account", and the Administrator user's attributes cannot be changed. The only solution is to enter the security mode, and the hidden Administrator user will appear in the user selection list. The default password is blank. How can this problem be solved? Dangerous enough! After logging on as an Administrator user, you cannot delete the user or change the user name. However, you can add a complex password, and the irregular password with more than 12 characters cannot be cracked, add it.