Asked By Sparky
16-Nov-09 09:58 PM
About to take delivery of a new Win7 box and I am curious about assigning
passwords
I found this page
http://unixwiz.net/techtips/win7-limited-user.html
Which includes an interesting paragraph
Curiously enough, it is not always necessary to have a password on an
account. Since an account with a blank password cannot be accessed over the
network, you can substantially reduce the attack surface of a machine this
way.
But this requires that you have good control of physical security over the
machine: if there are users on the machine (or in the environment) who are
not allowed to perform administrative duties, it would be a poor idea to
have a blank password because it would allow anybody to walk up to the
computer and go to town.
In addition, a laptop that leaves the house is probably not a good candidate
for a blank password because physical security is seriously problematic.
For most home users, it probably does not really matter that much how you
choose your password schemes, but if you have any questions about this,
please present your scenario to a trusted security adviser for guidance.
I intend to create an Admin account and a Standard user account ( for daily
use )
Under those conditions , do I really need to assign passwords during the
initial setup ?
Thanks