The single most important aspect of information security is controlling and knowing who has access to a system. Often, the only thing between an unauthorized person and desired information is a user ID and password—two simple strings of characters. It makes sense to get a little creative about the composition of the user ID and password to ensure that an outsider cannot reach the information you need to protect.
First, a few principles. If you learn nothing else in this Short Cut, learn these principles. They are vital, and they apply universally to information systems, not just your new Vista system.
Use strong passwords. Don't use easily guessed passwords that others might know.
Keep your passwords to yourself.
Do not share your user account with others.
Do not write down your passwords. Well, okay, maybe you do need to write them down so that you do not forget them. If you do, keep those passwords locked away.
Use separate accounts for each user. If you are in a work or home setting where several people use a single computer, create a separate user account for each user, and make sure every user account has a password. There are some good reasons why users should have their own accounts:
Each user will have their own session and user cookies. This will prevent users from seeing each other's email and other sensitive information.
Each user will have their own preferences that they can set without adversely affecting other users.
Each user's Documents ...