Although an absolutely secure password does not exist, a relatively secure password can still be implemented. WinXP can make our passwords stand up to the test with local security settings. First, set a reliable password
Enter "secpol.msc" in the "Start" → "Run" window and press Enter to open the "Local Security Settings Window". Or open this setting interface through "Control Panel" → "Administrative Tools" → "Local Security Policy". In the "Local Security Settings" window, expand "Account Policy" → "Password Policy". In the right pane, a series of password setting items will appear. After this configuration, you can establish a complete password policy. The password is protected to the utmost extent. ● Force Password History This setting determines how many passwords the user has used. Many people know that it is a good idea to change passwords frequently, which can improve the security of passwords. However, due to personal habits, there are often a limited number of passwords. Configuring this policy allows the system to remember the passwords that the user has used. If the new password is replaced with a duplicate in the system's "memory", the system will give a prompt. By default, this policy does not save the user's password, you can set it according to your own habits. It is recommended to save more than 5 (up to 24 can be saved). ● Maximum password retention period This policy determines how long a password can be used, and then expires. When the password expires, the system will ask the user to change the password. If set to 0, the password never expires. Under normal circumstances, it can be set to 30 to 60 days. The specific expiration time depends on how strict your system's security requirements are. The maximum length can be set to 999 days. ● Minimum password retention period This policy determines how long a password will be modified before it can be used. A setting of 0 means that a password can be reused without restriction, with a maximum of 999. This strategy, combined with "forced password history", can tell if the new password was previously used, and if so, it cannot continue to use the password. If the "shortest password duration" is 0 days, that is, the password never expires, setting "force password history" is useless, because no password will expire and the system will not remember any password. Therefore, if you want to make the "Force Password History" valid, you should set the value of "Live Password Duration" to be greater than 0. ● Minimum password length This policy determines the length of a password, with valid values between 0 and 14. If set to 0, it means that no password is required. This is the default value of the system. From a security perspective, it is very dangerous to allow users who do not need a password. It is recommended that the password be no less than 6 digits in length. ● Password must meet complexity requirements If this policy is enabled, the system will check if the password is valid according to the following rules when setting and changing a password: ◇ The password cannot contain all or part of the username. ◇ At least 6 characters. The password must contain three of the following four categories: Uppercase English letters A to Z. Lowercase English letters a to z. The basic 10 numbers, 0 to 9. Special characters such as "!", "$", "#", "%", etc. With this policy enabled, I believe that your password will be safer because the system will force you to use this highly secure password. If you do not meet this requirement when creating or modifying a password, the system will prompt you to re-enter the required security password. From the above settings, we can easily get a simple and effective password security solution, that is, first enable the "Password must meet the complexity requirements" policy, then set the "short password retention period", and finally open the "force password history." After setting, reset the administrator's password in the “Control Panel”. The password is not only safe in itself (not less than 6 digits and contains different categories of characters), and it is not easy to appear in the future when changing the password. Repeatedly. Such system password security is very high. Note: Due to the complexity of the password itself and the fact that it is not allowed to be reused, users may use passwords that are not easy to remember, which makes it easy to forget the password. Although such a password is safe, once you forget the password, you may not be able to enter the system yourself. Therefore, when setting the password, you must pay attention to the "Password Prompt" setting, so you can remember what password you are using at a glance. Second, rename and disable the default account
After installing Windows, the system will automatically create two accounts: Administrator and Guest, where Administrator has the highest authority, Guest has only basic permissions and is disabled by default. Although such an account setting is convenient, it seriously jeopardizes the security of the system. If there is a hacker or other malicious damage, the system's super username will be exposed immediately, and the vandal will immediately find the password in a targeted manner. As we mentioned earlier, absolutely secure passwords do not exist. Therefore, for system security, you can change the name of the Administrator account and create a fake Administrator account with almost no permissions. The specific method is as follows. Open the "Local Security Settings" dialog box, expand "Local Policies" → "Security Options", in the right pane there is a "Account: Rename System Administrator Account" policy, double click to open it, reset the Administrator A dull username. Then create a new restricted user named Administrator to confuse the intruder. Note
: The Windows XP Home version has a very limited restriction on the use of MMC-based security management, and the default Administrator user is hidden. You cannot see this username in the User Account. Change the properties of the Administrator user. The only solution is to enter safe mode, when the hidden Administrator user will appear in the user selection list, the default password is empty, how? Dangerous enough! After logging in with the Administrator user, although there is no way to delete this user, you can't change the username, but you can add a complicated password. The 12 or more irregular passwords can hardly be cracked. Add it.