Check or Attack Name: No Logon

A user has been detected who has never logged on. If the user was not created recently, consider deleting or disabling the account. Accounts that have never logged on are frequently created with standard passwords, and may create unauthorized access opportunities for an attacker.

Delete or disable the user.

Remove the account if it is not needed. To remove an account, follow these steps:

1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
2. Select the user account to be removed.
3. Press Delete and confirm the delete action.

Disable the user account if it may be needed at a later time.

To disable a user account, follow these steps:

1. Open User Manager. From the Windows NT Start menu, select Programs, Administrative Tools (Common), User Manager.
2. Select the user from the list.
3. From the User menu, select Properties to display the User Properties dialog box.
4. Select the Account Disabled check box.
5. Click OK.