Setting Up User and Group Accounts

The single most important aspect of information security is controlling and knowing who has access to a system. Often, the only thing between an unauthorized person and desired information is a user ID and password—two simple strings of characters. It makes sense to get a little creative about the composition of the user ID and password to ensure that an outsider cannot reach the information you need to protect.

First, a few principles. If you learn nothing else in this Short Cut, learn these principles. They are vital, and they apply universally to information systems, not just your new Vista system.

  • Use strong passwords. Don't use easily guessed passwords that others might know.

  • Keep your passwords to yourself.

  • Do not share your user account with others.

  • Do not write down your passwords. Well, okay, maybe you do need to write them down so that you do not forget them. If you do, keep those passwords locked away.

  • Use separate accounts for each user. If you are in a work or home setting where several people use a single computer, create a separate user account for each user, and make sure every user account has a password. There are some good reasons why users should have their own accounts:

    • Each user will have their own session and user cookies. This will prevent users from seeing each other's email and other sensitive information.

    • Each user will have their own preferences that they can set without adversely affecting other users.

    • Each user's Documents ...

Get Securing the Vista Environment now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.