The "blank password" option?.

Discussion in 'other security issues & news' started by vojta, Jun 29, 2010.

Thread Status:
Not open for further replies.
  1. vojta

    vojta Registered Member

    Joined:
    Feb 26, 2010
    Posts:
    830
    First of all, sorry if it has been asked before. I made a search but couldn't find anything.

    What do you think of this recomendation from Microsoft?. Could it be dangerous if you get infected?. Is what those guys smoke healthy?.


    "The "blank password" option

    A blank password (i.e. no password at all) on your account can actually be more secure than a weak password such as "1234". Criminals can easily guess a simplistic password, but on computers using Windows XP, Windows Vista or Windows 7, a Windows account without a password will have the "Remote Desktop Connection" software disabled by default. (This option is not available for Microsoft Windows 2000, Windows Me, or earlier versions).

    You can choose to use a blank password on your computer account if these criteria are met:

    * You only have one computer or you have several computers but you do not need to access information on one computer from another one
    * The computer is physically secure (you trust everyone who has physical access to the computer)

    The use of a blank password is not always a good idea. For example, a laptop computer that you take with you is probably not physically secure, so on those you should have a strong password."


    Link:

    http://www.microsoft.com/nz/digitallife/security/create-strong-passwords.mspx
     
  2. chrisretusn

    chrisretusn Registered Member

    Joined:
    Jun 16, 2004
    Posts:
    1,322
    Location:
    Philippines
    A story.

    I was at a good friends house the other day. I have helped him in the past in recovering passwords. We got to talking computers over a few beers. He told me that he no longer has no problems remembering his passwords anymore and a good thing too. It was so good that I would not be able to crack it again. I told him your right, I probably won't. He insisted that I try. So we went in to bedroom were his computer is, he turns it on and then says have at it. I sat down and pressed the enter key. I was in.

    He is back to using passwords again. :)
     
  3. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Presonally I have a limited account with no password for everyone else, including guests (my own account is password-protected of course).
    The default-deny SRP should secure enough, not to mention password protected settings for security programs, and other limitations set by Windows on these accounts. Also got a sandboxed Firefox shortcut disguised as "Mozilla Firefox" on the desktop.

    Can you crack that? ;)
     
  4. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    It clearly states pros and cons :)
     
  5. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    Or you can have your password and disable "Remote Desktop Connection" yourself? o_O
     
  6. vojta

    vojta Registered Member

    Joined:
    Feb 26, 2010
    Posts:
    830
    Yes, the only thing that's not clear for me is if malware could take advantage of the "blank password" once it has infected your computer.
     
Loading...
Thread Status:
Not open for further replies.