Disable automatic logons. Under Windows XP and Windows 2000, your computer can be configured to bypass the Log On To Windows dialog box completely. In this configuration, Windows automatically enters a default user name and password whenever your computer starts up. This means that anyone who has physical access to your computer can log on by flipping the power switch—even if your computer is currently turned on and you're logged off. (Think autologon is safe on a home computer? Think again. We advise against it because of the risk that a thief might steal the computer and gain access to sensitive information just by turning it on.) As Figure 2-4 shows, you can configure this option to use any account and password.


Figure 2-4. The autologon feature automatically enters the specified user name and password at startup. For most Windows users, this is a security risk.
TIP
--------------------------------------------------------------------------------

Set up a safe autologon option

In general, we strongly discourage the use of autologon—especially when the default account is a member of the Administrators group. However, in one circumstance, autologon is safe and sensible. For a computer shared by several workers who log on with the same account, or for one set aside for use by the public (in the lobby of an office building, for example), it makes sense to set up a highly restricted user account and use it as the default account. In case of a power failure or accidental reset, the system will automatically start up with this default account rather than leaving users at a cryptic logon screen.

Libellés : automatic, Disable, Logons