Vista Account Password Security

  • Thread starter Thread starter Bill Martin
  • Start date Start date
B

Bill Martin

Anyone know how secure Vista's account passwords are?

If I set one Vista account to share files over the net connection, is
that a major security breach? In theory one would need to know the
account name and password to access the files. But has every hacker
on the web already figured out how to get past this? Or some of them
anyhow?

Basically I'm asking whether I need remember to kill the share
capability whenever I take the machine out of the house like one had
to do with XP?

Thanks.

Bill
 
In article <ahhmq394d27bqulha2hukps7gkj0u0pl0j@4ax.com>,
Bill Martin <martin_spamtrap@verizon.net> wrote:
>Anyone know how secure Vista's account passwords are?
>

They're actually very secure. UNLESS you use trivial passwords.
The password isn't transmitted in plain text and the cryptography is
supposedly strong.

I'd turn off the share to be safe anyway. Often when these
things are compromised it's either a weak password or a flaw that allows
security to be bypassed.
 
> If I set one Vista account to share files over the net connection, is
> that a major security breach?

You have to be vigilant. There are also rules to create safe PWs. No PW with
your first or last name, no birth date, etc.
http://www.microsoft.com/india/smallbusiness/themes/use-safe-software/effectivepassword.mspx

>In theory one would need to know the
> account name and password to access the files.

Yes, this is true and a strong PW guarantees that the shares are safe.

>But has every hacker
> on the web already figured out how to get past this? Or some of them
> anyhow?

Apparently NO but they are trying hard. If you monitor the posts in this NG,
a lot of shadowy characters around here are trying to badmouth Vista,
suggest that people should go back to XP, Linux, etc. They monotonously
attack anyone who contradicts them. Vista is a knife in their heart and they
know it. All kinds of ridiculous statements could be read, quite hilarious
at times.

> Basically I'm asking whether I need remember to kill the share
> capability whenever I take the machine out of the house like one had
> to do with XP?

I do not quite understand this. If you take your machine out of the house
and you lose it, or it is stolen, then anyone who could break your sign in
PW will be able to compromise your files no matter what. It will all depends
on the strength of your PW.

If they install a new Vista over this HDD all files of any security
significance will be collected in Windows.old folder and the person will
come here asking for ways to break in. It is kind of unlikely they will be
able to do it, although I am not sure about the last part.

"Bill Martin" <martin_spamtrap@verizon.net> wrote in message
news:ahhmq394d27bqulha2hukps7gkj0u0pl0j@4ax.com...
> Anyone know how secure Vista's account passwords are?
>
> If I set one Vista account to share files over the net connection, is
> that a major security breach? In theory one would need to know the
> account name and password to access the files. But has every hacker
> on the web already figured out how to get past this? Or some of them
> anyhow?
>
> Basically I'm asking whether I need remember to kill the share
> capability whenever I take the machine out of the house like one had
> to do with XP?
>
> Thanks.
>
> Bill
 
On Thu, 7 Feb 2008 14:27:03 -0500, "alexB" <alexb@comcast.net> wrote:

>
>> Basically I'm asking whether I need remember to kill the share
>> capability whenever I take the machine out of the house like one had
>> to do with XP?
>
>I do not quite understand this. If you take your machine out of the house
>and you lose it, or it is stolen, then anyone who could break your sign in
>PW will be able to compromise your files no matter what. It will all depends
>on the strength of your PW.
----------------------------------

I'm separating the security issues of someone cracking into my disk
while in a public wifi cafe or hotel, from that of someone gaining
physical control of a stolen machine.

I do have critical files encrypted to provide some protection against
the latter case, but I'd still rather not have anyone rummaging my
disk or covertly installing viruses in the former case.

Using strong passwords is, of course, a first necessity. But even
that is moot so long as people cannot see/guess the userid itself. I
just want to understand that Vista doesn't expose that over a wifi
connection.

Bill
 
On Thu, 7 Feb 2008 18:46:42 +0000 (UTC), wrat@panix.com (the wharf
rat) wrote:


>... I'd turn off the share to be safe anyway. Often when these
>things are compromised it's either a weak password or a flaw that allows
>security to be bypassed.

The password issue I understand and control. It's the "flaw" issue
that worries me - it's under Microsoft's control. That's why I
thought I'd ask here if the user account login was widely known to be
a weak security barrier in Vista - as passwords are known to be for a
number of widely used application programs. Or whether people trust
it.

Thanks.

Bill
 
In article <tf5pq3lbgi5afducdk0ef6rnu869idvjrh@4ax.com>,
Bill Martin <martin_spamtrap@verizon.net> wrote:
>just want to understand that Vista doesn't expose that over a wifi
>connection.
>

Vista does not expose login information. It is encrypted in transit.

Well, unless you're connecting to an NT share...
 
Back
Top