Tighten Logon Security for All Users
In Chapter 1, we discussed the tradeoffs between security and convenience. Tipping the balance too heavily in favor of convenience can be catastrophic to your security. Why make life easier for a would-be intruder? Forcing a secure logon can significantly decrease the likelihood that an unauthorized person will be able to break into your computer while you're away.

To disable the Windows XP Welcome screen, open Control Panel and run the User Accounts option. Click Change The Way Users Log On Or Off and then clear the Use The Welcome Screen box. Click Apply Options to make the change effective. (Note that making this change disables the Use Fast User Switching option.)


If you're using the so-called classic logon prompt (the default setting in Windows 2000 and an option in Windows XP), configure Windows so that every user is required to press Ctrl+Alt+Delete and provide his or her password to log on. The Secure Logon option is available on the Advanced tab of the User Accounts dialog box, shown in Figure 2-9. Windows 2000 users can access these settings from the Users And Passwords option in Control Panel; if you're using Windows XP in workgroup or stand-alone mode, enter the command control userpasswords2 to open this dialog box.


Figure 2-9. For additional logon security, select the option at the bottom of this dialog box so that every user must press Ctrl+Alt+Del to log on.
Finally, make sure that the autologon feature is not enabled. Open the Users And Passwords dialog box as described in the previous paragraph, click the Users tab, and select the Users Must Enter A User Name And Password To Use This Computer option.

For many more details about removing vulnerabilities in the logon process, see Configuring the Logon Process for Security.

Libellés : Logon, Security, Tighten, Users