Hi, this week I'm going to be telling you how to secure your computer from those unwanted guests. This is a series of tutorials but the first issue we will be
addressing is protection against someone who has physical access to your computer. These methods protect your computer not your files so if someone removed your hard drive they could open your files. In next week's tutorial we will prevent this.
Disclaimer
I am not responsible for
any damage you cause whilst following this tutorial. Nor am I
responsible for any actions you may take before, during or after reading this.
In other words don't blame me, this tutorial is for educational purposes only.
Most of us only want to keep family out of your computer and often a
strong password will keep the primitives at bay. But how do you know if your
password is strong? It should:
- Have a Mixture of lower case and upper case letters.
- Contain one or more numbers in
them
- Not consist of a word from
any dictionary
- If possible contain
punctuation.
- Not be easily guessed such as a pets name.
An example of a strong password is, for the chemistry geeks:
P3riod1C.Table and just
for the record this isn’t my password I only came up with it because I have a
periodic table on my wall and using the online password checker
howsecureismypassword.net you can see that it would take an average computer 4 billion years to crack your password and what sibling can ever be bothered to wait that long?
So that will keep out some of your family, but what about
those whom are more technically able? A simple password isn’t going to
keep them out. Why? Think about it: when
you send your PC off for repair how do the technicians gain access to your computer?
You see what Microsoft fails to tell their customers is that
they decided they want a backdoor in their system. This back door just happens
to be in the form of a secret, hidden Administrator account. What’s worse is
the security on this account; non-existent. That’s right folks, right now on
your Windows computer there is a massive gaping hole in your perfect password.
Don’t believe me? I’ll prove it: on your computer goto Start
> All Programs > Accessories > Command Prompt or type cmd.exe in your
start menu. This will open a black window which makes you look very hackeresque. Type in ‘net user’ into
this window, without the quotes of course, and this will list all the accounts
on your computer and as you can see Administrator is there.
|
I have blanked out the computer name for security reasons |
However we can quickly fix this. You have two choices you
can deactivate the account which I prefer because I can always access the data
should I ever need to or you can delete it however this is permanent. You will,
however, need your own administrator privileges (normally the person who had
access to the laptop first or install software) to make these security changes.
Re-open command prompt but this time right click on the icon
and click Run As Administrator. Read the message box and click allow (or the
equivalent)
To Deactivate (Recommended)
In Command Prompt type in ‘net
user Administrator’ this lists all the details of the account including the
last logon which can be useful. Now we are going to disable the account type:
net
user Administrator /active:no
You will receive a command saying
that the command completed successfully. If you wish to reactivate the account
just substitute no for yes.
To Delete
This is simple, yet I don’t think
it is anymore secure but should you wish to purge this account simply type
net
user Administrator /delete
You will receive a command saying
that the command completed successfully. This account will no longer be listed
if you type in net user.
But for those who, like myself, are truly paranoid there is
one more layer of security: a BIOS password. The Basic Input Output System is a
layer of computer software which we will not go into detail over however it is
separate to the OS and therefore it is harder to hack (however not that hard if
you know how). Again this password protects your computer not the files
stored on the hard drive.
Now this is the difficult part because it varies between
different computers and you have to hit the button at the right time. When you
turn on your computer you will be presented with your computer manufacturer
logo. At this point read the instructions at the bottom of the screen. The
option you want will say something like press [F2] to enter BIOS.
Now it doesn’t take a computer science degree to realise
that you need to press F2. This will bring you to another ‘hackeresque’ screen,
normally blue, you should note that your mouse will not work here. Navigate
using the arrow keys to the Security tab. Now navigate to the ‘Set Supervisor
Password’ and press enter. Now enter your password which is normally a maximum
of 8 characters remembering our guidelines from earlier on. One last thing is to ensure that Password
Check is set to Always this will mean you have to enter your BIOS password
every time you logon.
This approach is not practical, however, should you need to
share the computer. Make sure you Save and Exit.
If you get stuck or run into any problems just leave a comment below and I'll get back to you.
And that's it, your computer is protected against your family.
Until next time,
Kris
PS: I have created some cool graphics for A New Perspectives. You can get our desktop background below by clicking on it. Don't just right click and save because you won't have the right resolution.