Earlier versions of Microsoft software are loaded with password problems, but there are several things you can do to make the platform more secure.
One of the most dangerous problems is that it cache's passwords in a way that makes them just a little too easy to get. However, a quick registry entry can disable password caching. You can affect this change by invoking your registry editor and navigating to:
Then set "DisablePwdCaching" to dword:00000001. While you're in there, consider hiding your share passwords by setting "HideSharePwds" to dword:00000001 too.
NOTE: Consult your system administrator before editing your registry. Always make sure you have a current backup of your data and registry before making changes. Manually changing your registry is generally unforgiving and rarely recommended by Microsoft and can void your support.
For home users and others that do not log into a domain or corporate network, some simple, non-technical practices can protect you too. Start by understanding that your Windows login password and screen saver passwords are stored locally on your computer in encrypted files and if an attacker gets access to your PC (for example, if an Outlook virus emails the file to him across the Internet), that these files are easily decrypted. For that reason, you should never use the same password for other systems. For instance,
If you do log into a Windows domain or another type of corporate network, then it is possible to make your screen saver and Windows login both use the domain authentication. This lets you have a single password to remember, but it is not the same thing as having three passwords that are all set to the same word. Again, consult your system or network administrator for instructions specific to your network.
Thomas Alexander Lancaster IV is a consultant and author with over ten years experience in the networking industry, focused on Internet infrastructure.
This was first published in May 2002