Windows NT account password guessed

Risk Level: High risk vulnerability  High

Check or Attack Name: guesseduserpw
Platforms: Windows NT
Description:

The password on a user account has been guessed. An attacker can gain access to sensitive system files.
Remedy:

Set the User password to a minimum length of seven characters and change the password.

To set the minimum password length, follow these steps:

  1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
  2. Select the user account from the list.
  3. From the Policies menu, select Account to display the Account Policy dialog box.
  4. For the Minimum Password Length, require a minimum length of at least seven characters.
  5. From the User menu, select Properties to display the User Properties dialog box.
  6. Type and confirm a non-trivial password.
  7. Click OK.

—AND&mdash:

To change the password, follow these steps:

  1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
  2. elect the user account from the list.
  3. From the User menu, select Properties to display the User Properties dialog box.
  4. In the Password field, change the password.
  5. In the Confirm Password field, confirm the password.
  6. Click OK.
References:
X-Force Logo
Know Your Risks