T1J said:
"Strong passwords on all privileged user accounts, including the
Administrator account"
What does the privileged user account means?
does it means all account with Administrative rights, just want to
make sure that I'm right on this one. kinda confuse
Shenan said:
Make all your passwords strong ones and then the confusion fades
away. =)
(An account does not have to have full administrative priviledges
to be granted certain rights that could be misused in a destructive
way - so no - it does NOT mean just all accounts with
administrative rights.)
So All Account should have password including Limited Account.
Depends on your situation, actually.
In general - my answer is "yes".
I do not know your situation. You have not given your situation.
I know that if someone has unobstructed physical access to your computer for
a given length of time - practically everything on it is fair game anyway.
It can be made more difficult by the use of BIOS/BOOT/Strong passwords on
all accounts. In general - the only use of strong passwords on a home
system is protection again theft (physical) and Internet hacking (as well as
family member snooping - I suppose - but that seems more a political thing.)
It is mostly just *good practice* - as you definitely don't want to use your
last name and year of birth as your bank/credit card/etc passwords on web
pages.
Understanding what a good password might be is vital to your
personal and system security. You may think you do not need to password
your home computer, as you may have it in a locked area (your home) where
no one else has access to it. Remember, however, you aren't always
"in that locked area" when using your computer online - meaning you likely
have usernames and passwords associated with web sites and the likes that
you would prefer other people do not discover/use. This is why you should
understand and utilize good passwords.
Good passwords are those that meet these general rules
(mileage may vary):
Passwords should contain at least six characters, and the character
string should contain at least three of these four character types:
- uppercase letters
- lowercase letters
- numerals
- nonalphanumeric characters (e.g., *, %, &, !,
Passwords should not contain your name/username.
Passwords should be unique to you and easy to remember.
One method many people are using today is to make up a phrase that
describes a point in their life and then turning that phrase into their
password by using only certain letters out of each word in that phrase.
It's much better than using your birthday month/year or your anniversary
in a pure sense. For example, let's say my phrase is:
'Great new job in January 2006'
I could come up with this password from that:
'Gr8n3wj0bJAN2006'
I highly recommend you periodically change your passwords.
The suggested time varies, but I will throw out a 'once in every
3 to 6 months for every account you have.'
Also - many people complain that they just cannot remember the passwords
for all the sites they have - so they choose one password and use it for
everything. Not a good idea. A much better method would be to use a
Password Management tool - so you only have to remember one password,
but it opens an application that stores your username/passwords for
everything else - plus other valuable information. One that I can
recommend:
KeePass Password Safe
http://keepass.sourceforge.net/
It can even generate passwords for you.
