Password Security in Your Organization

There are several things you can do to improve password security in your organization:

  • Use a strong Administrator password, and don't share it.
  • Establish a password policy for organization members.
  • Use a password filter to create or screen user passwords.
  • Perform regular audits using LC4 to test the passwords in use.
  • Restrict permissions on your SAM files.
  • Enable auditing on password registry keys. See this article on NTBugtraq for details on the above recommendations.
  • Enable NTLM 2 Authentication if feasible. This requires that you upgrade all Windows 95/98 and Windows NT 4.0 computers on your network. Unfortunately, because of the cost of implementing the patch, the most cost-effective form of security often continues to be an organizational password policy combined with the routine use of LC4 password auditing.
  • Restrict physical access to machines (particularly domain controllers).
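
To check where a machine stands on the NTLM 2 item above, the following PowerShell reads the LAN Manager authentication level and grades it. This is an added example, not part of the original page or of LC4; `LmCompatibilityLevel` is the Windows registry value behind the "LAN Manager authentication level" policy, the function names are hypothetical, and the OK/PARTIAL/WEAK grading is an assumption of this example.

```powershell
# Added example: audit the LAN Manager authentication level.
# Function names and the status grading are assumptions of this example.

$LsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

# What each LmCompatibilityLevel value means.
$Levels = @{
    0 = 'Send LM and NTLM responses'
    1 = 'Send LM and NTLM; use NTLMv2 session security if negotiated'
    2 = 'Send NTLM response only'
    3 = 'Send NTLMv2 response only'
    4 = 'Send NTLMv2 response only; DC refuses LM'
    5 = 'Send NTLMv2 response only; DC refuses LM and NTLM'
}

function Get-LocalLmLevel {
    # Returns $null when the value is not set (the OS default then applies).
    $prop = Get-ItemProperty -Path $LsaKey -Name 'LmCompatibilityLevel' `
                             -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return $null }
    return [int]$prop.LmCompatibilityLevel
}

function Test-LmLevel {
    param([Nullable[int]] $Level)

    if ($null -eq $Level) {
        return [pscustomobject]@{ Level = 'not set'; Status = 'REVIEW'
                                  Meaning = 'OS default applies' }
    }
    if (-not $Levels.ContainsKey([int]$Level)) {
        return [pscustomobject]@{ Level = $Level; Status = 'REVIEW'
                                  Meaning = 'Unknown value' }
    }
    # Below 3 the machine still sends LM or NTLM responses; 3 and 4 send
    # NTLMv2 only but a DC at that level still accepts older responses.
    $status = if ($Level -ge 5) { 'OK' } elseif ($Level -ge 3) { 'PARTIAL' } else { 'WEAK' }
    [pscustomobject]@{ Level = $Level; Status = $status; Meaning = $Levels[[int]$Level] }
}

# Constructed sample values exercise each branch of the grading.
foreach ($sample in 0, 3, 5, $null) { Test-LmLevel -Level $sample }

# Audit this machine (run from an elevated prompt on Windows).
Test-LmLevel -Level (Get-LocalLmLevel)
```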