Password Security in Your Organization
There are several things you can do to improve password security in your
organization:
- Use a strong Administrator password, and don't share it.
- Establish a password policy for organization members.
- Use a password filter to create or screen user passwords.
- Perform regular audits using LC4 to test the passwords in use.
- Restrict permissions on your SAM files.
- Enable auditing on password registry keys. See this article on NTBugtraq
for details on the above recommendations.
- Enable NTLM 2 Authentication if feasible. This requires that you upgrade
all Windows 95/98 and Windows NT 4.0 computers on your network.
Unfortunately, because of the cost of implementing the patch, the most
cost-effective form of security often continues to be an organizational
password policy combined with the routine use of LC4 password auditing.
- Restrict physical access to machines (particularly domain controllers).