Security Basics mailing list archives

Re: using Administrator-Account with empty password

From: "dupes Mothepu" <dupesm () gmail com>
Date: Tue, 3 Jun 2008 18:12:07 +0200

I think it all depends on what it is you're trying to achieve. A blank
administrator password works for network access but isn't so useful
for phsyical access.

To remedy this, you can try the Deny Logon Locally and Log on Locally
settings in your Local Security Policy. If you have Everyone in the
the former then no one should be able to log onto your machine
physically, not even administrators.

If this is too extreme, then you could rather configure the latter one
and set only a select few people who you want to be able to log on
locally, removing the Administrators group from it.

Just remember that deny rules supercede allow rules. So be careful
that you don't have conflicting entries in the two settings.

In this case I think the blank administrator password may work for you.

my 2c.

Molupe Mothepu
Info Security Officer
Lesotho Revenue Authority

Current thread:

using Administrator-Account with empty password Scan_it (Jun 02)
- Re: using Administrator-Account with empty password Ansgar -59cobalt- Wiechers (Jun 02)
- RE: using Administrator-Account with empty password Craig Wright (Jun 03)
  - Re: using Administrator-Account with empty password dupes Mothepu (Jun 03)
  - Re: using Administrator-Account with empty password Scan_it (Jun 03)