Should I use a password to log-on ?

Hello Forum,
I am the only one using my Pc, Should I use a password to log-on.and why.Thanks.
Badcompany.

 

Re: Password

Do other people have physical access to it? Are there things on it you do not want others to see? If so, then yes.

 

Re: Password

Hi thunderz,
Nobody as physical access to my Pc only me.I keep reading on forums that you should always use a password for security reasons, even if you are the only one using the Pc.Is it possible for a hacker to gain entry into your Pc if you don't have a password.My knowledge of computers is very limited.
BC.

 

Re: Password

To be totaly honest, that is a question I have been meaning to ask myself. I am not sure if a password will protect you from an "online" attack versus having physical access to it. Hope someone will come along with a yes or no answer. Then we will both know.

 

Re: Password

Thanks for your replys,I am sure someone will give us a answer.
BC.

 

Passwords were designed for multi user systems. If you are the only user, not an issue.

The techniques to protect youself from hackers once you're are logged onto the system:

Good security programs such as Firewalls, AV's, HIPS.

Running as a limited user.

Data encryption - passwords do play a role in here.

Regards - Charles

 

Hello Charles,
Thank you for the info, much appreciated.
Badcompany.

 

If you have a physically secure PC then a login password is not critical - I don't use one on the desktop PC either but I do run as a local user, not as an administrator.

"OK, I know you’re bursting already: “No password?!?! Are you insane?!?!” Cool down, now. Starting with Windows XP, a blank password is actually more secure for certain scenarios than a weak password. By default, an account with a blank password can be used only for logging on at the console. It cannot be used for network access, and it cannot be used with RunAs. The user experience of just clicking on your name to log on can’t be beat for simplicity. If you can trust everyone who has physical access to the computer not to log on as someone else or abuse the admin account, this is a great way to go. If not, you can always enable passwords."

http://blogs.msdn.com/aaron_margosis/archive/2004/06/17/158806.aspx

 

regarding online attack, no password can sometime be better than a weak password. Eg if an account have no password, windows will disable any remote access feature. If you do have a weak password, someone can find your computer, trya few password and then login.

Also if someone have physical acces to computer ... password is useless. it's a matter of botting in an alternate os and use one of the many password reset tool to remove your password.

If you browse the net as a limited / power user then you may benefit from using password. Eg you browse the web with limited provolege.... but when something need a admin user you use launch process as (wich need a password) and you give admin power for a tempoary time to an application.

The situation is different if you are in a network with the attacker, because some security feature are down when you are on a computer on your network. Then the worst that can happen is that the attaquer guess a good login like : Guest/admin/administrator/<same name as computer> with no password. He'll be able to do all of what that acount is able to do remontly.

where a password is very important is on your router. A friend of mine made a prog to show me how easy to exploit is. You prompt a couple ip with port 80 or other used port in remont login. THen you try the default password that router have out of the box. You can then target an ip range that are associated with high-speed connection. once you have a access to the router, you can make a vpn connection to it and use his connection as a proxy.