By default, Windows has two built-in, very well-known account names:
- Administrator
- Guest
I cannot stress enough how well known these two accounts are across the Internet.
So it is very important to take the following steps.
a) Rename both accounts.
b) Choose a very unusual name.
c) Guest account is disabled by default. DO NOT ENABLE IT!
d) Set a very strong password for both accounts.
e) Disable DIAL-IN for Guest account.
f) For admin accounts, choose a 12 character password or longer.
g) In the password use Capitals, Numbers, Symbols and lower case.
Note that renaming these accounts will not prevent a break-in, but it will make one at least a bit harder. By making it harder, you give yourself time.
Don't just rename the Administrator account to 'admin'; this is even easier to guess. Use your imagination and create a theme for your admin account names. Use long numbers.
Rename these accounts before you put your server or client into production, and make it part of your security baseline policy.
Remember: never leave default user names.
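One way to check a machine against steps a) to d), as an added example that is not part of the original post. The function name `Test-BuiltinAccount`, the `$WeakNames` list and the sample SID are assumptions made for illustration; the cmdlets come from the Microsoft.PowerShell.LocalAccounts module.

```powershell
# Added example, not from the original post. Needs Windows PowerShell 5.1 or later
# (Microsoft.PowerShell.LocalAccounts module). The commented fixes need an elevated prompt.

# Names treated as default or easy to guess (assumption: extend for your own baseline).
$WeakNames = 'Administrator', 'Guest', 'admin'

function Test-BuiltinAccount {
    # Accepts any object with Name, SID, Enabled and PasswordLastSet properties,
    # so it works on Get-LocalUser output and on constructed sample objects.
    param([Parameter(Mandatory, ValueFromPipeline)] $Account)
    process {
        # The built-in accounts keep fixed RIDs (500 and 501) after a rename,
        # so the audit still finds them once step a) has been done.
        $rid  = [int](("$($Account.SID)" -split '-')[-1])
        $role = switch ($rid) { 500 { 'Administrator' } 501 { 'Guest' } }
        if (-not $role) { return }   # not one of the two built-in accounts

        $findings = @()
        if ($WeakNames -contains $Account.Name) {
            $findings += "name '$($Account.Name)' is a default or easy to guess"
        }
        if ($role -eq 'Guest' -and $Account.Enabled) {
            $findings += 'Guest account is enabled'
        }
        if (-not $Account.PasswordLastSet) {
            $findings += 'no password has been set'
        }
        [pscustomobject]@{
            Role     = $role
            Name     = $Account.Name
            Enabled  = $Account.Enabled
            Findings = if ($findings) { $findings -join '; ' } else { 'OK' }
        }
    }
}

# Constructed sample (not a real machine): a Guest account left at its defaults.
[pscustomobject]@{ Name = 'Guest'; SID = 'S-1-5-21-1111-2222-3333-501'
                   Enabled = $false; PasswordLastSet = $null } |
    Test-BuiltinAccount | Format-Table -AutoSize -Wrap

# Live audit of this machine.
Get-LocalUser | Test-BuiltinAccount | Format-Table -AutoSize -Wrap

# Fixes for steps a) to d). The new names are placeholders: choose your own.
# Rename-LocalUser  -Name 'Administrator' -NewName '<unusual-admin-name>'
# Rename-LocalUser  -Name 'Guest'         -NewName '<unusual-guest-name>'
# Disable-LocalUser -Name '<unusual-guest-name>'
# Set-LocalUser     -Name '<unusual-admin-name>' -Password (Read-Host -AsSecureString 'New password')
```

A row whose Findings column is not `OK` is a built-in account that still needs one of the steps above; running the audit from the baseline build process catches machines that went to production without them.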
by Renato de Oliveira