Re: How to Assign a Password to Guest Account
From: Malke (malke_at_nospoonnotreally.com)
Date: 01/17/05
- Next message: Ken Blake: "Re: Opening attachments in Outlook Express using XP"
- Previous message: Bruce Chambers: "Re: Accessing DOS & BIOS"
- In reply to: Bob Stringer: "Re: How to Assign a Password to Guest Account"
- Next in thread: Bob Stringer: "Re: How to Assign a Password to Guest Account"
- Reply: Bob Stringer: "Re: How to Assign a Password to Guest Account"
- Messages sorted by: [ date ] [ thread ]
Date: Mon, 17 Jan 2005 08:27:04 -0800
Bob Stringer wrote:
> On Sun, 16 Jan 2005 06:00:25 -0800, OShah <shexec32@aol.com>
> wrote:
>
>>Are you running XP Professional or XP Home?
>
> Home.
>
>>[snip]
>
>>There is a way to set a password on the guest account on Home,
>> but I won't tell you how to do it (hint: google).
>>
>> It's highly recommended you DO NOT set a password on the
>> guest account.
>> Doing so can cripple XP's networking features.
>
> The reason I wanted to assign a password was that in several
> different places I had seen the recommendation to do so as a
> security measure.
>
> By googling as you suggested, I've now seen a lot of
> comments about not truly *disabling* the guest account, but
> nothing warning against password-protecting it. To the
> contrary, I again see references to the guest account's
> being a "hacker hole" and recommendations to assign a strong
> password to it. Here are just a few examples:
>
> <http://netsecurity.about.com/cs/windowsxp/a/aa042204_2.htm>
> <http://labmice.techtarget.com/articles/winxpsecuritychecklist.htm>
> <http://mywebpages.comcast.net/SupportCD/SecureXP.html>
>
> I'm not knowledgeable about computers, so I have no way of
> judging any of this. But before I read what you wrote, from
> a common sense standpoint it made sense to me that a
> password *should* be assigned to the guest account, for the
> same reason that it's a good idea to assign passwords to
> regular user accounts.
>
> Now that you say that giving it a password will cripple
> WinXP's networking feature, I'm certainly not going to do
> it, but then I still have the question: why isn't it a
> security risk to leave the guest account open to the world?
> How is that different from not assigning passwords to other
> user accounts?
>
> Thanks very much.
It *is* a security hole to have the Guest account enabled. XP Home uses
it so that networking will be easier and more transparent for home
users. In a mixed network, a non-home environment, or where you just
want to be safer and are using XP Pro, the Guest account should always
be disabled. It is disabled by default on operating systems designed
for secure network use out of the box, like Unix, Linux, and Win2k,
etc.
Most home users tend to think of the "Guest" account the same way they
think of "guests" in Real Life(tm) - that you are being hospitable.
This is not what the Guest account is for at all. It is supposed to
allow very limited use of network resources on an irregular basis. As
you have learned from your reading, if the Guest account is enabled and
someone gets access to it, they are then running with all privileges
and if they are good at what they do (hacking), you've just been
rooted.
If you have XP Home, you can protect yourself just fine by using a NAT
router if you have broadband and a firewall. If you only have dialup,
you still need a firewall. Third-party firewalls are better than the
one that is built into Windows XP, but require more knowledge to use
correctly.
HTH,
Malke
-- MS MVP - Windows Shell/User Elephant Boy Computers www.elephantboycomputers.com "Don't Panic!"
- Next message: Ken Blake: "Re: Opening attachments in Outlook Express using XP"
- Previous message: Bruce Chambers: "Re: Accessing DOS & BIOS"
- In reply to: Bob Stringer: "Re: How to Assign a Password to Guest Account"
- Next in thread: Bob Stringer: "Re: How to Assign a Password to Guest Account"
- Reply: Bob Stringer: "Re: How to Assign a Password to Guest Account"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
