No Password securer than a weak password? - gHacks Tech News

No Password securer than a weak password?

According to Digital Inspiration that's the case if you are using Windows XP because leaving the password blank makes it impossible to connect to the computer remotely.

The link given in the article, which points to the Password Strength & Password Security page at Microsoft.com is unfortunately not available at this point.

It is however still accessible through Google Cache and the article indeed contains a paragraph entitled The "blank password" option. The blank password is only more secure than a weak password like 1234 which can be easily guessed by a brute force attack. The article recommends this only if the location is physically secure and only if you don't use multiple computer systems and need to connect to the computer in question remotely.

While this may be a sound advice for some it is in my opinion way better to choose a secure password instead of none. It could be an option for the forgetful.

It may be convenient to have no account password especially if you are the only user on the computer. I don't use passwords for the account for example but I do encrypt the whole system so that no one can gain access to it without the proper password.

While it may or may not protect against remote attacks, a far better option in this situation is to block remote access to the computer.

This can be configure in the firewall for instance and if you disable certain network features on the computer, it is also not possible to use them to establish a connection to the Windows PC.

Update: The cached article is no longer available in Google search. It is likely that Microsoft has changed their stance in the meantime.





  • We need your help

    Advertising revenue is falling fast across the Internet, and independently-run sites like Ghacks are hit hardest by it. The advertising model in its current form is coming to an end, and we have to find other ways to continue operating this site.

    We are committed to keeping our content free and independent, which means no paywalls, no sponsored posts, no annoying ad formats (video ads) or subscription fees.

    If you like our content, and would like to help, please consider making a contribution:

    Comments

    1. Yonatan said on March 6, 2008 at 3:03 pm
      Reply

      You can also disable all remote connections via group policy, as well as disable services that allow for remote connections.

    Leave a Reply