Disabled account username same as password

Risk Level: Medium

Check or Attack Name: Disabled Account User Pwd

Platforms: Windows NT

Description:

A disabled user account has a password identical to its username. Weak passwords allow attackers unauthorized access, including the ability to take over and replace processes, and to access other computers on the network.

Remedy:

Remove the user account if it is not needed.

To remove a user account, follow these steps:

  1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
  2. Select the user from the list.
  3. Press Delete and confirm the delete operation.

—OR—

For maximum password security, apply the passfilt.dll password filter to prevent using a username as a password. See Microsoft Knowledge Base Article Q161990 "How to Enable Strong Password Functionality in Windows NT" at http://support.microsoft.com/support/kb/articles/q161/9/90.asp.
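The rules that passfilt.dll enforces, as documented in Q161990 (minimum six characters, three of four character classes, no username or full-name part in the password), are shown below as an added, portable C illustration; it is not Microsoft's filter code and does not use the NT PasswordFilter export or UNICODE_STRING types. Splitting the full name on separators and ignoring parts shorter than three characters is an assumption made here.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive substring test: does `hay` contain `needle`? */
static bool contains_ci(const char *hay, const char *needle) {
    size_t n = strlen(needle);
    if (n == 0) return false;
    for (const char *p = hay; strlen(p) >= n; p++) {
        size_t i = 0;
        while (i < n && tolower((unsigned char)p[i]) == tolower((unsigned char)needle[i])) i++;
        if (i == n) return true;
    }
    return false;
}

/* Mirrors the three documented passfilt.dll rules: length >= 6, at least
 * three of four character classes, and no username or full-name part. */
bool passfilt_accepts(const char *username, const char *fullname, const char *password) {
    if (strlen(password) < 6) return false;
    int upper = 0, lower = 0, digit = 0, other = 0;
    for (const char *p = password; *p; p++) {
        unsigned char c = (unsigned char)*p;
        if (isupper(c)) upper = 1;
        else if (islower(c)) lower = 1;
        else if (isdigit(c)) digit = 1;
        else other = 1;
    }
    if (upper + lower + digit + other < 3) return false;
    if (contains_ci(password, username)) return false;
    /* Assumption: full name is split on common separators and each part of
     * three or more characters is rejected if it appears in the password. */
    char buf[256];
    strncpy(buf, fullname, sizeof buf - 1);
    buf[sizeof buf - 1] = '\0';
    for (char *tok = strtok(buf, " ,.-_\t"); tok; tok = strtok(NULL, " ,.-_\t")) {
        if (strlen(tok) >= 3 && contains_ci(password, tok)) return false;
    }
    return true;
}

int main(void) {
    /* Constructed sample: the account from this advisory's finding. */
    printf("username as password: %s\n", passfilt_accepts("jsmith", "John Smith", "jsmith") ? "accepted" : "rejected");
    printf("strong password:      %s\n", passfilt_accepts("jsmith", "John Smith", "Tr0ub4dor&3") ? "accepted" : "rejected");
    return 0;
}
```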

References:
