Guest username same as password

Risk Level: Medium

Check or Attack Name: guestuserpw

Platforms: Windows NT

Description:

The Guest account has the password set to the account name. An attacker could use this account to gain access to sensitive information.

Windows NT 4.0 Service Pack 2 (SP2) contains a password filter that can be installed, and Service Pack 3 allows checking of dictionary passwords. We strongly recommend using non-trivial passwords.

Remedy:

Windows NT 4.0 Service Pack 2 (SP2) or Service Pack 3 (SP3) includes a password filter (PASSFILT.DLL) that allows system administrators to increase password strength. This filter is copied to %SystemRoot%\SYSTEM32 when the Service Pack is installed on the system. In networked environments, the password filter should be copied to the primary domain controller for the domain, and to any backup domain controllers in case the server role in the domain changes.
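The following is an added example, not code from this entry or from PASSFILT.DLL itself: a portable C stand-in for the kind of rule a password filter applies at password-set time, written so a defender can see why the Guest finding above is caught. It rejects a password that equals the account name (the finding here), one shorter than the seven-character minimum recommended above, and one that embeds the account name. The enum names, the `check_password` function, the `audit_sample` helper and the account list are all constructed for illustration; the real DLL's `PasswordFilter` export works on Windows UNICODE_STRING arguments and is not reproduced here.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Seven characters, the minimum the remedy on this page asks for. */
#define MIN_PASSWORD_LEN 7

/* Verdicts returned by check_password (names constructed for this example). */
enum pw_verdict {
    PW_OK = 0,
    PW_EQUALS_USERNAME,  /* the finding on this page: password == account name */
    PW_TOO_SHORT,        /* shorter than MIN_PASSWORD_LEN */
    PW_CONTAINS_USERNAME /* account name embedded somewhere in the password */
};

/* NT account names are case-insensitive, so compare them that way. */
static int ci_equal(const char *a, const char *b)
{
    for (; *a && *b; a++, b++)
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
    return *a == '\0' && *b == '\0';
}

/* Case-insensitive substring search: does `needle` occur inside `hay`? */
static int ci_contains(const char *hay, const char *needle)
{
    size_t n = strlen(needle), h = strlen(hay);
    if (n == 0 || n > h)
        return 0;
    for (size_t i = 0; i + n <= h; i++) {
        size_t j;
        for (j = 0; j < n; j++)
            if (tolower((unsigned char)hay[i + j]) != tolower((unsigned char)needle[j]))
                break;
        if (j == n)
            return 1;
    }
    return 0;
}

/* Apply the rules in order of severity; the first failing rule is reported. */
enum pw_verdict check_password(const char *account, const char *password)
{
    if (ci_equal(account, password))
        return PW_EQUALS_USERNAME;
    if (strlen(password) < MIN_PASSWORD_LEN)
        return PW_TOO_SHORT;
    if (ci_contains(password, account))
        return PW_CONTAINS_USERNAME;
    return PW_OK;
}

/* Constructed sample of (account, candidate password) pairs, as an audit
 * tool would see them at password-change time. Not real credentials. */
struct account { const char *name; const char *password; };

static const struct account SAMPLE[] = {
    { "Guest",         "guest" },          /* equals its own name */
    { "Administrator", "Administrator" },  /* equals its own name */
    { "backup",        "backup01" },       /* long enough, but embeds the name */
    { "alice",         "T9#vbLq2w" },      /* acceptable under these rules */
};

/* Returns how many sample entries the filter would reject. */
int audit_sample(void)
{
    int rejected = 0;
    for (size_t i = 0; i < sizeof SAMPLE / sizeof SAMPLE[0]; i++)
        if (check_password(SAMPLE[i].name, SAMPLE[i].password) != PW_OK)
            rejected++;
    return rejected;
}

int main(void)
{
    static const char *label[] = { "ok", "equals-username", "too-short", "contains-username" };
    for (size_t i = 0; i < sizeof SAMPLE / sizeof SAMPLE[0]; i++)
        printf("%-14s %s\n", SAMPLE[i].name,
               label[check_password(SAMPLE[i].name, SAMPLE[i].password)]);
    printf("rejected: %d of %zu\n", audit_sample(), sizeof SAMPLE / sizeof SAMPLE[0]);
    return 0;
}
```

The equality test runs before the length test on purpose: a password like "guest" fails both, and reporting the username match first points the administrator at the root cause rather than at a symptom.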

—AND—

Set a minimum password length of seven characters and change the Administrator password.

To set the minimum password length, follow these steps:

  1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
  2. Select the Administrator account from the list.
  3. From the Policies menu, select Account to display the Account Policy dialog box.
  4. For the Minimum Password Length, require a minimum length of at least seven characters.
  5. Click OK.
  6. From the User menu, select Properties to display the User Properties dialog box.
  7. Type and confirm a non-trivial password.
  8. Click OK.

—AND—

To change the password, follow these steps:

  1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
  2. Select the Administrator account from the list.
  3. From the User menu, select Properties to display the User Properties dialog box.
  4. In the Password field, change the password.
  5. In the Confirm Password field, confirm the password.
  6. Click OK.