Account Security Audit

1. Weakness description: The default Administrator account name makes the account an easy target for brute-force cracking

Implementation Risk: Low

Reinforcement process:

  1. Right-click My Computer | Manage
  2. Select "Computer Management (Local)"
  3. Select "Local Users and Groups" in "System Tools"
  4. Select "Users"
  5. Select the administrator account in the right pane, right-click, and select "Rename"

Fallback: Rename the account back to "administrator"

2. Automatic login of the account is not disabled

Weakness description: Automatic login can easily lead to accidental or unauthorized operation

Implementation Risk: Low

Reinforcement process:

Click Start | Run, type "regedit" in the input box to open the Registry Editor, and expand "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon" in the left pane of the Registry Editor. Select "Edit | Add String Value", type "AutoAdminLogon" as the value name, and click a blank area of the window. Then double-click the newly created string "AutoAdminLogon" and enter "0" in the "Edit String" dialog box to disable automatic login.

Method Two:

Open Run, enter "rundll32 netplwiz.dll,UsersRunDll", and in the "User Accounts" window that opens, tick the checkbox in front of "Users must enter a user name and password to use this computer".

Fallback solution: Delete the "AutoAdminLogon" value under the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon

Judgment basis: An AutoAdminLogon value other than 0 does not meet security requirements

3. Password Policy

Weakness description: A weak password policy makes account passwords easy to guess

Implementation Risk: Low

Reinforcement process:

Enter gpedit.msc in Run, open Windows Settings->Local Security Policy->Account Policies->Password Policy, and set the relevant items as follows:

  1. Password must meet complexity requirements (enabled)
  2. Minimum password length (8 characters)
  3. Maximum password age (90 days)
  4. Minimum password age (2 days)
  5. Enforce password history (24 remembered passwords)
  6. Store passwords using reversible encryption (disabled)

Fallback Solution: Restore Password Policy

Judgment basis: The password policy does not meet the security specifications
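
The three judgment criteria above can be checked in one read-only pass. The following PowerShell is an added example, not part of the original post. It assumes an elevated Windows PowerShell 5.1 or later session; the scratch file name, and reading the listed password values as minimums (a maximum for password age), are assumptions of this example.

```powershell
# Added example: read-only audit of the three items above. Run elevated.
$findings = @()

# Item 1: the built-in administrator (RID 500) should have been renamed.
$admin = Get-LocalUser | Where-Object { $_.SID.Value -like 'S-1-5-21-*-500' }
if ($admin.Name -eq 'Administrator') {
    $findings += 'Built-in administrator account still uses the default name'
}

# Item 2: the criterion is an explicit "0", so a missing value is reported too.
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$auto = (Get-ItemProperty -Path $winlogon -ErrorAction SilentlyContinue).AutoAdminLogon
if ("$auto" -ne '0') { $findings += "AutoAdminLogon is '$auto', expected '0'" }

# Item 3: export the effective policy and read its numeric "name = value" lines.
$cfg = Join-Path $env:TEMP 'secpol-audit.inf'   # assumed scratch file name
secedit /export /cfg $cfg /areas SECURITYPOLICY | Out-Null
$policy = @{}
foreach ($line in Get-Content -Path $cfg) {
    if ($line -match '^\s*(\w+)\s*=\s*(-?\d+)\s*$') { $policy[$Matches[1]] = [int]$Matches[2] }
}
Remove-Item -Path $cfg

# Expected settings from the list above, keyed by their [System Access] names.
$expected = [ordered]@{
    PasswordComplexity    = { param($v) $v -eq 1 }                 # enabled
    MinimumPasswordLength = { param($v) $v -ge 8 }                 # characters
    MaximumPasswordAge    = { param($v) $v -ge 1 -and $v -le 90 }  # days; -1 = never expires
    MinimumPasswordAge    = { param($v) $v -ge 2 }                 # days
    PasswordHistorySize   = { param($v) $v -ge 24 }                # remembered passwords
    ClearTextPassword     = { param($v) $v -eq 0 }                 # reversible encryption off
}
foreach ($name in $expected.Keys) {
    if (-not $policy.ContainsKey($name) -or -not (& $expected[$name] $policy[$name])) {
        $findings += "$name = $($policy[$name]) does not meet the password policy"
    }
}

if ($findings) {
    $findings | ForEach-Object { Write-Output "FAIL: $_" }
} else {
    Write-Output 'PASS: all three items meet the settings above'
}
```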

Origin blog.csdn.net/weixin_51590879/article/details/126662702