User account has no password

Risk Level: High

Check or Attack Name: usernopw

Platforms: Windows NT

Description:

A user account has been detected that does not require a password. An account with no password requirement gives attackers unauthorized access, including the ability to take over and replace processes and to access other computers on the network.

Remedy:

Require a minimum password length of seven characters, and change the user's password.

To set the minimum password length, follow these steps:

  1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
  2. Select the user account from the list.
  3. From the Policies menu, select Account to display the Account Policy dialog box.
  4. Under Minimum Password Length, require at least seven characters.
  5. Click OK.

—AND—

To change the password, follow these steps:

  1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
  2. Select the user from the list.
  3. From the User menu, select Properties to display the User Properties dialog box.
  4. In the Password field, change the password.
  5. In the Confirm Password field, confirm the new password.
  6. Click OK.

—AND—

For maximum password security, apply the passfilt.dll password filter to reduce guessable passwords.
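
One way to confirm both conditions from saved command output, as an added example that is not part of the original advisory: it parses text in the layout of `net user <name>` and `net accounts` output, flags accounts reporting "Password required No", and reads the configured minimum password length. The sample text is constructed and the account names are hypothetical.

```python
import re

MIN_LENGTH = 7  # minimum length the remedy above calls for

# Constructed sample text in the layout of `net user <name>` output;
# the account names are hypothetical.
NET_USER = {
    "alice": "User name                    alice\n"
             "Account active               Yes\n"
             "Password required            Yes\n",
    "svc_backup": "User name                    svc_backup\n"
                  "Account active               Yes\n"
                  "Password required            No\n",
    "olduser": "User name                    olduser\n"
               "Account active               No\n"
               "Password required            No\n",
}

# Constructed sample text in the layout of `net accounts` output.
NET_ACCOUNTS = (
    "Maximum password age (days):                          42\n"
    "Minimum password length:                              0\n"
    "Length of password history maintained:                None\n"
)

def parse_fields(text):
    """Split 'Label    value' lines on runs of two or more spaces."""
    fields = {}
    for line in text.splitlines():
        parts = re.split(r"\s{2,}", line.strip(), maxsplit=1)
        if len(parts) == 2:
            fields[parts[0].rstrip(":").lower()] = parts[1].strip()
    return fields

def accounts_without_password(outputs):
    """Return (name, is_active) for accounts reporting 'Password required No'."""
    hits = []
    for name, text in sorted(outputs.items()):
        f = parse_fields(text)
        if f.get("password required", "").lower() == "no":
            hits.append((name, f.get("account active", "").lower() == "yes"))
    return hits

def minimum_length(net_accounts_text):
    """Return the configured minimum password length (0 if absent or not numeric)."""
    value = parse_fields(net_accounts_text).get("minimum password length", "")
    return int(value) if value.isdigit() else 0

if __name__ == "__main__":
    print(accounts_without_password(NET_USER), minimum_length(NET_ACCOUNTS))
```

An account that is flagged but disabled still needs the remedy above before it is re-enabled, which is why the active state is reported alongside the name.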

References:

Microsoft Knowledge Base Article Q161990, How to Enable Strong Password Functionality in Windows NT, http://support.microsoft.com/support/kb/articles/q161/9/90.asp

