MICHAEL SAUTTER

Set a Blank Password in Windows XP To Protect the Computer from Internet Attacks

Some useful information. Your Windows XP computer is safer if you don't set any password at all than if you use a weak password like "abc123", which can be easily guessed by hackers.

Using a blank password (or no password at all) makes your computer more secure because Windows XP accounts that are not protected by a password cannot be accessed remotely over the network or the Internet.

michaelsautter:

Microsoft even seems to recommend this.

  • 2 votes
#1 - Thu Mar 6, 2008 11:02 AM EST

thura:

That is so lame that the safest thing for your computer is NOT to set a password.

  • 3 votes
#1.1 - Thu Mar 6, 2008 3:00 PM EST

anthopos:

That's interesting. Working with Unix, I'd never think of making a login safer by not using a password.

  • 3 votes
#2 - Thu Mar 6, 2008 11:57 AM EST

DrKnow:

The problem with really STRONG passwords is that you cannot remember them. At one point we had to have a different password for access to different parts of a system. We had to change it every month. We were not allowed to continue the same password. After a while a memo came out, "it is not proper to have your password on a sticky note on your monitor".

Just how are people to remember 6 or 8 'strong' passwords that have to be changed every 4 weeks?

  • 4 votes
#2.1 - Thu Mar 6, 2008 12:05 PM EST

anthopos:

What a nightmare. I have my passwords encrypted on a thumb drive. That way I only have to remember one strong password.

  • 4 votes
#2.2 - Thu Mar 6, 2008 12:15 PM EST

newsguru:

That's exactly what I do too, Perry.

I'm guessing passwords will end up having to be so complex one day, we'll probably have to write them down.

  • 3 votes
#2.3 - Thu Mar 6, 2008 12:51 PM EST

DeepThought:

Windows passwords need to be at least 20 characters long and consist of alphanumeric (upper & lower case) and special symbols to prevent the password being revealed by a custom rainbow attack.

If your Windows password is just alphanumeric and under 14 characters long, it should take less than a minute to reveal using a special CD.

Try OphCrack:
http://ophcrack.sourceforge.net/

  • 2 votes
#2.4 - Thu Mar 6, 2008 2:32 PM EST

JoulesBeef:

writing them down not a bad idea..
change one char in a 20 char password and no one will know why it doesn't work.
ophcrack rocks and is scary.. I remember when what it did took days not minutes.
you can have a thumb drive login.. like natural login that holds a "key" to let you in, instead of a pass.
(still uses a pass but you can make it huge and just use the key)

also it is a good idea to encrypt anything you wouldn't want posted on a public wall. total disk encryption rocks. I recommend TrueCrypt highly. they just came out with a new version.

TrueCrypt also has some plausible deniability.. where you can make a fake container in case you are tortured for your pass. The fake container can be a complete os.

  • 2 votes
#2.5 - Thu Mar 6, 2008 3:47 PM EST

proton01:

This cannot be true. A brute force attack program most likely will try $null before moving on to the password list.

  • 2 votes
#3 - Thu Mar 6, 2008 12:50 PM EST

anthopos:
"Windows XP accounts that are not protected by a password cannot be accessed remotely over the network or the Internet."

Sounds like XP wouldn't let them in even if they did try $null.

  • 5 votes
#3.1 - Thu Mar 6, 2008 1:02 PM EST

DeepThought:

It wouldn't matter if it did. The local Security policy has a setting that prevents remote logins if the password is not set.

  • 3 votes
#3.2 - Thu Mar 6, 2008 2:34 PM EST

JoulesBeef:

I also use ids that would lock someone out trying to brute force.
no reason to let someone have 100 tries before lockout.

  • 1 vote
#3.3 - Thu Mar 6, 2008 3:49 PM EST

proton01:

This cannot be true. Brute force attack programs typically try $null before moving on to the password lists.

  • 1 vote
#4 - Thu Mar 6, 2008 12:55 PM EST

Rigbee:

Brute force attack programs are useless if you can't access the computer.

  • 2 votes
#4.1 - Thu Mar 6, 2008 1:28 PM EST

michaelsautter:

Would this work in Windows Vista as well?

  • 1 vote
#5 - Thu Mar 6, 2008 2:23 PM EST

JoulesBeef:

don't run your computer as admin
being behind a router rocks.. think about it.
get a good intrusion detection system.. I like snort.
encrypt your private files and data.
honey pots can be fun.. give the hackers something to keep them busy (wonder what the pass to that thing that sez credit card passes is... lol)
rename the admin account
disable the guest accounts.
another stoopid trick that fools some kiddies.. (ok won't fool the elite for long)
make a new account called administrator with an insane password, but make it really a limited user account.. if they finally break in they will have no rights to do anything.
or don't listen to me
read what the US NSA has to say on securing your XP. these guides really rock.

  • 3 votes
#6 - Thu Mar 6, 2008 3:54 PM EST

Sideways:

Well, if XP disallows blank remotes, then somewhere it's told to do that. ;)

  • 1 vote
#7 - Fri Mar 7, 2008 3:28 PM EST
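
The setting referred to in #3.2 and #7 is the local security policy "Accounts: Limit local account use of blank passwords to console logon only", stored as the registry value LimitBlankPasswordUse. The audit below is an added example, not part of the original thread; it assumes Windows PowerShell 3.0 or later (so not a stock XP install), and the function name Get-BlankPasswordExposure is made up for illustration.

```powershell
# Added example: report whether blank-password accounts are restricted to
# console logon, and which enabled local accounts may have no password.
function Get-BlankPasswordExposure {
    [CmdletBinding()]
    param()

    # Registry backing for "Accounts: Limit local account use of blank
    # passwords to console logon only".
    #   1 = blank-password accounts can log on at the console only
    #   0 = blank-password accounts can also be used over the network
    $lsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $prop = Get-ItemProperty -Path $lsaKey -Name 'LimitBlankPasswordUse' -ErrorAction SilentlyContinue

    # A missing value is reported as NotSet and flagged for review
    # instead of guessing what the system falls back to.
    if ($null -eq $prop) { $policy = 'NotSet' }
    elseif ($prop.LimitBlankPasswordUse -eq 1) { $policy = 'ConsoleOnly' }
    else { $policy = 'NetworkAllowed' }

    # PasswordRequired = False means the account is allowed to have a blank
    # password; it does not prove the password is actually blank.
    Get-CimInstance -ClassName Win32_UserAccount -Filter "LocalAccount=True AND Disabled=False" |
        ForEach-Object {
            [pscustomobject]@{
                Account          = $_.Name
                PasswordRequired = $_.PasswordRequired
                BlankLogonPolicy = $policy
                # Review accounts that may be blank while the console-only
                # restriction is not confirmed to be on.
                NeedsReview      = (-not $_.PasswordRequired) -and ($policy -ne 'ConsoleOnly')
            }
        }
}

Get-BlankPasswordExposure | Sort-Object NeedsReview -Descending | Format-Table -AutoSize
```

The restriction only covers network logons; a blank-password account can still be used by anyone at the keyboard, which is why the comments about disk encryption and limited accounts still apply.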