Windows Server system account and password setting principles

Author:fsadmin

Every user in the network has his own account and password. The security of the account and password is directly related to the user's system security and data security. There are two different types of user accounts in the Windows Server 2003 operating system. Here is some background on account and password security.

Everyone in the network has a name that represents their "identity", called a "user". Users with different authority differ in their ability to control computers and the network, and in the scope of that control. There are two different types of user accounts in the Windows Server 2003 operating system, namely "local user accounts", which can only be used to access the local computer (or to access this computer from a remote computer), and "domain user accounts", which can access all computers in the network. The user account is the key to entering the network, and the management of user rights is directly related to the security of the application systems in the network. The essence of security is the use of permissions, and permissions are given to each user. Therefore it is necessary to ensure that each user has only the necessary permissions and that the user's password is not cracked. In short, only by ensuring the security of user accounts can real system security and data security be achieved.

The password is the key a user needs to log in to the Windows Server 2003 system. Without that key, it takes a lot of effort to log in to the target operating system. Whatever remote attack an intruder uses, the entire system cannot be fully controlled unless the password of the administrator or super administrator is obtained. For anyone who wants to get into the system, the simplest and most necessary method is to steal a user's password. Therefore, for the system administrator account, the most important thing to protect is the password. If the password is stolen, disaster is coming.

Intruders mostly obtain administrator rights through various system and configuration vulnerabilities, obtain administrator passwords, and then carry out malicious attacks on the system. A weak account password is easy for intruders to crack, giving them access to the computer and network, while a strong password is difficult to crack: even with password-cracking software it is hard to do in a short time. Password-cracking software generally uses three methods: dictionary guessing, combination guessing, and brute-force guessing. There is no doubt that cracking strong passwords is much more difficult than cracking weak ones. Therefore the system administrator account must use a strong password.

According to statistics, about 80% of security risks are caused by improper password settings. Setting a password therefore undoubtedly takes some skill. When setting a password, please follow the password security principles below, which apply wherever a password is used, including both Windows operating systems and UNIX/Linux operating systems.

1) Do not allow the account and password to be the same

If the password is set to be the same as the user account, almost all password-cracking software will easily detect the password.

2) Do not use your own name

Using your own surname, first name, or even your full name as a password is truly vulnerable. For people in your own organization and those familiar with you, the name is undoubtedly the first thing to try, because almost anyone can guess it. In addition, in the password-guessing dictionaries written by many intruders, hundreds of family surnames are often listed one by one and placed at the front of the dictionary.

3) Do not use English phrases

Some commonly used or distinctive English words are often users' favorites when setting a password. In their view, this type of password is not only easy to remember but also shows off their personality. In fact, clever intruders have already guessed them and compiled them in detail into their password-guessing dictionaries. Therefore common English phrases must not be used as passwords.

4) Do not use dates with specific meanings

Using dates with specific meanings as passwords is popular with everyone. Such dates usually include one's own birthday, parents' birthdays, children's birthdays, friends' birthdays, major holidays, and personal anniversaries. Needless to say, people who know the user can guess them, and even strangers can succeed by exhaustive search. Almost all of the above combinations are listed in intruders' password-guessing dictionaries.

5) Do not use simple passwords

Brute-force password-guessing software can try as many as 100000 passwords per second. The shorter the password and the simpler its characters, the fewer permutations and combinations there are, and the easier it is to break.
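The five principles above can be enforced mechanically when a password is set. The following Python checker is an added example, not part of the original article; `check_password`, the sample word list and the three-character-class threshold used for principle 5 are assumptions made for illustration.

```python
import re

# Constructed sample word list; a real deployment would load a full dictionary.
COMMON_WORDS = {"password", "welcome", "letmein", "dragon", "sunshine", "administrator"}

# Coarse on purpose: short all-digit strings, with or without separators,
# are treated as date-like (e.g. 19800214, 1980-02-14, 140280).
DATE_RE = re.compile(
    r"(?:\d{4}|\d{2})[-/.]?\d{1,2}[-/.]?\d{1,2}"
    r"|\d{1,2}[-/.]?\d{1,2}[-/.]?(?:\d{4}|\d{2})"
)


def check_password(account, full_name, password, min_length=8):
    """Return the list of principles (1-5) that the candidate password violates."""
    problems = []
    lowered = password.lower()

    # 1) Account and password must not be the same.
    if lowered == account.lower():
        problems.append("1: same as account name")

    # 2) No part of the user's own name (very short name parts are ignored).
    name_parts = [p for p in re.split(r"\W+", full_name.lower()) if len(p) >= 3]
    if any(part in lowered for part in name_parts):
        problems.append("2: contains the user's name")

    # 3) No common words, even with digits or symbols tacked on.
    letters_only = re.sub(r"[^a-z]", "", lowered)
    if letters_only in COMMON_WORDS:
        problems.append("3: common word")

    # 4) No dates.
    if DATE_RE.fullmatch(password):
        problems.append("4: looks like a date")

    # 5) Not simple: more than 7 characters and at least three character classes.
    classes = sum(
        bool(re.search(p, password))
        for p in (r"[a-z]", r"[A-Z]", r"\d", r"[^A-Za-z0-9]")
    )
    if len(password) < min_length or classes < 3:
        problems.append("5: too short or too few character classes")

    return problems
```

An empty list means none of the five checks fired; it does not prove the password is strong.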

In summary, to ensure the security of the password, the following rules should be followed:

  ◆User passwords should contain upper- and lower-case English letters, numbers, printable characters, and even non-printing characters. It is recommended to combine and permute these symbols to achieve the best confidentiality.

  ◆User passwords should not follow an obvious pattern. Do not use user names, birthdays, phone numbers, or common words as passwords.

  ◆According to the principle of the Windows system password hashing algorithm, the password length should be more than 7 characters, preferably 14 characters.

  ◆Passwords must not be stored in the system in plain text. Ensure that the password is written to the hard disk in encrypted form and that the file containing the password is read-only.

  ◆Passwords should be changed regularly. Reusing old passwords should be avoided, and multiple sets of password naming rules should be adopted.

  ◆Establish an account lockout mechanism. Once the password for the same account has been entered incorrectly several times, the connection is disconnected and the account is locked, then unlocked after a period of time.
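The lengths 7 and 14 in the hashing rule, together with the 100000 guesses per second quoted earlier, can be turned into numbers. This added Python example (not from the original article) assumes the algorithm referred to is the legacy LAN Manager (LM) hash, which uppercases the password, pads it to 14 characters and hashes the two 7-character halves separately; the function names and sample passwords are constructed.

```python
GUESSES_PER_SECOND = 100_000  # brute-force rate quoted in the article


def alphabet_size(text):
    """Smallest standard ASCII alphabet covering text (ASCII passwords assumed)."""
    size = 0
    if any(c.islower() for c in text):
        size += 26
    if any(c.isupper() for c in text):
        size += 26
    if any(c.isdigit() for c in text):
        size += 10
    if any(not c.isalnum() for c in text):
        size += 33  # punctuation and space
    return size


def lm_halves(password):
    """Split as the LM hash does: uppercase, NUL-pad to 14, cut into two halves."""
    if len(password) > 14:
        raise ValueError("LM hashing only covers passwords of up to 14 characters")
    padded = password.upper().ljust(14, "\0")
    return padded[:7].rstrip("\0"), padded[7:].rstrip("\0")


def keyspace_whole(password):
    """Candidates to exhaust if the password is searched as one case-sensitive string."""
    return alphabet_size(password) ** len(password)


def keyspace_lm(password):
    """Candidates to exhaust when each LM half is searched independently."""
    alphabet = alphabet_size(password.upper())
    return sum(alphabet ** len(half) for half in lm_halves(password) if half)


def years(keyspace):
    """Worst-case search time in years at the article's guess rate."""
    return keyspace / GUESSES_PER_SECOND / (365 * 24 * 3600)


if __name__ == "__main__":
    for pw in ("Tr7#qLw", "Tr7#qLw9", "Tr7#qLw9!xZe2@"):  # constructed samples
        print(f"{len(pw):2d} chars  whole: {years(keyspace_whole(pw)):.3g} y"
              f"  LM halves: {years(keyspace_lm(pw)):.3g} y")
```

Under this assumption an eighth character adds only a one-character second half, and 14 characters is the longest password for which both halves are full.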
