Problem solve Get help with specific problems with your technologies, process and projects.

Windows XP local accounts

If users are getting their e-mail through a Web interface rather than a VPN, make sure you're aware of the security implications.

Often, people will have computers running Windows 2000 and XP at their homes or small offices that aren't part...

of a Windows domain. These users use local accounts, where only the username and password are stored on that computer, instead of domain accounts. If this scenario sounds familiar, you may have something to worry about. This could happen if, for example, you're not running a VPN for connections from remote workers to the home office, and users are getting their e-mail through a Web interface.

In instances like these, users who are marginally concerned about security might not set passwords on their accounts because their computer is physically secured -- locked in a home or office. But these computers are still almost always connected to a network such as the Internet.

An interesting feature in Windows XP that enhances the security in these situations is the new way it handles accounts without passwords. In XP, unlike prior versions, you cannot log into a local computer across the network using an account with no password. However, you can still log in at the console.

This is an interesting compromise. While most security professionals would insist that passwords are always worth the effort, in XP you are at least somewhat less exposed if you choose to allow accounts with no passwords.

Remember, this does not apply to domain accounts, only local accounts. Also, the Guest account (if you haven't disabled it) is still able to log in across a network without using a password.

Thomas Alexander Lancaster IV is a consultant and author with over ten years experience in the networking industry, focused on Internet infrastructure.

This was last published in February 2003

Dig Deeper on Windows File Management

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.