Domain Administrator has no password

Risk Level: High

Check or Attack Name: Domain Admin No Pwd

Platforms: Windows NT

Description:

A Domain Administrator account has been detected that does not require a password. An administrator account with no password lets an attacker gain unauthorized access, including the ability to take over or replace processes and to access other computers on the network.

Remedy:

Make sure all new users are created with an initial, random password:

  1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
  2. Select the user from the list.
  3. From the User menu, select Properties to display the User Properties dialog box.
  4. Assign the user a password that is difficult to guess.

—AND—

Require users to use a minimum length for their passwords:

  1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
  2. From the Policies menu, select Account to display the Account Policy dialog box.
  3. In the Minimum Password Length field, specify a minimum length of at least seven characters.

—AND—

For maximum password security, apply the passfilt.dll password filter to reduce guessable passwords.
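The following PowerShell is an added example, not part of the original advisory, that carries the three remedies above out against a current Active Directory domain rather than through the Windows NT User Manager dialogs. It assumes the ActiveDirectory module (RSAT) is installed and that the caller can read and modify the affected accounts; the function names Find-DomainAdminNoPassword, Repair-DomainAdminNoPassword and Set-MinimumPasswordPolicy are my own. The check keys on the PASSWD_NOTREQD bit (0x0020) of userAccountControl, the same flag User Manager sets for a user who needs no password.

```powershell
# Added example (not from the original advisory): detect Domain Admins that do
# not require a password, clear the flag, and enforce a minimum password length.
# Assumes a modern Active Directory domain with the ActiveDirectory module.
Import-Module ActiveDirectory

# Bit 0x0020 (PASSWD_NOTREQD) in userAccountControl marks an account that
# needs no password; this is what the check in this advisory looks for.
$PasswdNotReqd = 0x0020

function Find-DomainAdminNoPassword {
    param([string]$GroupName = 'Domain Admins')

    # -Recursive also catches admins who are members through nested groups.
    Get-ADGroupMember -Identity $GroupName -Recursive |
        Where-Object { $_.objectClass -eq 'user' } |
        ForEach-Object {
            $u = Get-ADUser -Identity $_.distinguishedName `
                    -Properties userAccountControl, PasswordNotRequired, PasswordLastSet, Enabled
            if ((($u.userAccountControl -band $PasswdNotReqd) -ne 0) -or $u.PasswordNotRequired) {
                [pscustomobject]@{
                    SamAccountName     = $u.SamAccountName
                    Enabled            = $u.Enabled
                    PasswordLastSet    = $u.PasswordLastSet
                    UserAccountControl = ('0x{0:X}' -f $u.userAccountControl)
                }
            }
        }
}

function Repair-DomainAdminNoPassword {
    param([Parameter(Mandatory)][string]$SamAccountName)

    # Step 1 of the remedy: clear "no password required", then assign a
    # password that is hard to guess (entered interactively, never in a script).
    Set-ADAccountControl -Identity $SamAccountName -PasswordNotRequired $false
    $newPwd = Read-Host -Prompt "New password for $SamAccountName" -AsSecureString
    Set-ADAccountPassword -Identity $SamAccountName -Reset -NewPassword $newPwd
    # Make the user choose their own password at next logon.
    Set-ADUser -Identity $SamAccountName -ChangePasswordAtLogon $true
}

# Domain-wide counterpart of the Account Policy and passfilt.dll steps:
# minimum length of at least seven characters plus complexity filtering.
function Set-MinimumPasswordPolicy {
    param([int]$MinLength = 7)
    $domain = (Get-ADDomain).DistinguishedName
    Set-ADDefaultDomainPasswordPolicy -Identity $domain `
        -MinPasswordLength $MinLength -ComplexityEnabled $true
    # Return the policy as now stored so the change can be confirmed.
    Get-ADDefaultDomainPasswordPolicy -Identity $domain |
        Select-Object MinPasswordLength, ComplexityEnabled
}

# Usage: report first; remediate each finding and tighten the policy after review.
$offenders = Find-DomainAdminNoPassword
$offenders | Format-Table -AutoSize
foreach ($o in $offenders) {
    Repair-DomainAdminNoPassword -SamAccountName $o.SamAccountName
}
Set-MinimumPasswordPolicy -MinLength 7
```

Run the detection step on its own first; a Domain Admins account with PasswordLastSet empty and the flag set is the exact condition this check reports. Note that -ChangePasswordAtLogon has no effect on an account marked "password never expires", so review that flag on any account the report lists as well.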

References:

Microsoft Knowledge Base Article Q161990, How to Enable Strong Password Functionality in Windows NT, http://support.microsoft.com/support/kb/articles/q161/9/90.asp
