Local Account Passwords

Issue

Weak passwords are one of the main causes of security breaches. Examples of weak passwords are names of children or pets, or common words found in the dictionary, such as "happy."

It is outside the scope of this tool to check for all possible weak passwords on accounts. Rather, this tool only checks for a few commonly used weak passwords as outlined below:

Password is blank

Password is the same as the user account name

Password is the same as the machine name

Password uses the word "password"

Password uses the word "admin" or "administrator"

This check also notifies you of any accounts that have been disabled, or are currently locked out.

This check is not performed on domain controllers.

Solution

Adopt a strong password policy. This is one of the most effective ways to ensure system security. Refer to the articles below under Additional Resources for guidance on implementing strong passwords.

Instructions

To change password policy settings in Windows XP Home Edition

Open the Control Panel.
Select User Accounts.
Click on the user account you would like to change and select the Password function.

To change password policy settings in Windows XP Professional or Windows 2000

Click Start, point to Settings, and then click Control Panel.
Double-click Administrative Tools, and then double click on Local Security Policy.
Double-click the Account Policies folder, then select the Password Policy folder.
Double click the policy that you want to change and then specify the new policy setting.

To change password policy settings in Windows NT

Click Start, point to Programs, and then click Administrative Tools.
Click User Manager for Domains.
On the User menu, click Select Domain, and then type the local computer name.
On the Policies menu, click Account.
In Account Policy, change the password restrictions.

Additional Resources

Creating Strong Passwords

How to Enable Strong Password Functionality in Windows NT