Implementing network password security
Setting up a logon password for a user to access network resources is a security feature that most organizations have implemented as a standard security practice.
When implementing a network logon password for a user, the network administrator needs to consider the following:
Prohibit the sharing of Logon passwords amongst employees.
Do not use the default logon dialog box that comes with WINNT. If someone needs your password, a dialog box similar to WINNT logon can easily be created and can be used to collect passwords.
Set password length for each user between six to eight characters.
Avoid creating a logon dialog box that has "Welcome to ABC Company." This can be a "welcome" sign for someone who wants to access the network.
As a precaution, hide sensitive folders or servers from the network. Unauthorized users browsing the network would not see it and try hacking into it.
Apply user account lockout after 3 logon attempts.
All passwords must have a thirty-day lifespan, after which the user will be prompted to change the password.
Whenever a user forgets his/her password, Help Desk personnel must change it to a default password. Have the user logout from the network and logon again with the default password, which will prompt the user to change it when the default password
- is entered.
ALL temporary user accounts must have an expiration date.
ALL users must logoff from the network at the end of the work day or when they leave their desks.
If there are remote users who need access to the network have a separate password for dial-in and for access to the network. The lifespan for these passwords should be shorter than the thirty days for users of the network.
Implement an audit trail for all user accounts so that you can track who is accessing the network.
Adesh Rampat has 10 years experience with network and IT administration. He is a member of the Association Of Internet Professionals, the Institute For Network Professionals, and the International Webmasters Association. He has also lectured extensively on a variety of topics.
Did you like this tip? Whether you loved it or hated it, why not let us know? Email us to sound off, or go to our tips page to rank this and other tips, or to submit one of your own.
MCSE Training Kit: Designing Microsoft® Windows® 2000 Network Security
Author : Microsoft Corporation
Publisher : Microsoft Press
ISBN/CODE : 0735611343
Cover Type : Hard Cover
Pages : 864
Published : Jan 2001
Make the right design decisions to protect your business network--and prepare for the Microsoft® Certified Professional (MCP) exam--with this official Microsoft study guide. Work at your own pace through a system of case-study scenarios and tutorials to gain practical experience planning the security infrastructure for a Windows® 2000 network. As you build these real-world design skills, you're also preparing for MCP Exam 70-220--a core credit* on the Windows 2000 MCSE track.
This was first published in March 2001