1 00:00:01,690 --> 00:00:03,770 Usernames and Passwords. 2 00:00:03,770 --> 00:00:05,100 How do you log in to your computer 3 00:00:05,100 --> 00:00:07,150 or your favorite website each day? 4 00:00:07,150 --> 00:00:08,190 If you're like most people, 5 00:00:08,190 --> 00:00:10,780 you're probably using a username and a password, right? 6 00:00:10,780 --> 00:00:12,660 It is by far the most commonly used 7 00:00:12,660 --> 00:00:14,570 authentication system out there. 8 00:00:14,570 --> 00:00:16,900 Now most companies use a standard naming convention 9 00:00:16,900 --> 00:00:19,070 for their usernames so you might see something like 10 00:00:19,070 --> 00:00:21,750 first name.last name@yourcompany.com. 11 00:00:21,750 --> 00:00:22,583 The problem with this 12 00:00:22,583 --> 00:00:25,240 is it makes one part of that equation already known. 13 00:00:25,240 --> 00:00:28,050 I already know that your username is first name.last name 14 00:00:28,050 --> 00:00:30,530 and now all I need to do is figure out your password 15 00:00:30,530 --> 00:00:32,090 to break into your system. 16 00:00:32,090 --> 00:00:33,090 So for that reason, 17 00:00:33,090 --> 00:00:35,500 we want to make sure we're using strong passwords. 18 00:00:35,500 --> 00:00:37,420 I said this before but I'll say it again, 19 00:00:37,420 --> 00:00:39,630 strong passwords contain uppercase letters, 20 00:00:39,630 --> 00:00:42,450 lowercase letters, numbers, special characters, 21 00:00:42,450 --> 00:00:44,380 and at least eight characters or more, 22 00:00:44,380 --> 00:00:46,190 but I prefer 14 or more. 23 00:00:46,190 --> 00:00:48,110 Now let's go over six key tips 24 00:00:48,110 --> 00:00:49,950 for keeping your usernames and passwords 25 00:00:49,950 --> 00:00:51,490 and your account secure. 26 00:00:51,490 --> 00:00:53,720 Number one, always require the user 27 00:00:53,720 --> 00:00:55,310 to change the default password 28 00:00:55,310 --> 00:00:57,080 whenever the account is first created. 29 00:00:57,080 --> 00:00:59,617 If the IT guy created the password and he said, 30 00:00:59,617 --> 00:01:01,547 "Hey, your password is 12345678," 31 00:01:02,410 --> 00:01:04,140 you want to change it as soon as you get that account 32 00:01:04,140 --> 00:01:06,310 to make sure only you know the password. 33 00:01:06,310 --> 00:01:08,400 Number two, require that that password 34 00:01:08,400 --> 00:01:11,010 is changed frequently, every 90 days. 35 00:01:11,010 --> 00:01:14,180 You can do this by creating a global policy to enforce this. 36 00:01:14,180 --> 00:01:16,500 I'm going to show you that in another lesson. 37 00:01:16,500 --> 00:01:19,360 Number three, always change the default administrator 38 00:01:19,360 --> 00:01:20,640 or root password. 39 00:01:20,640 --> 00:01:21,980 By default in Windows, 40 00:01:21,980 --> 00:01:24,410 they create a default administrator account. 41 00:01:24,410 --> 00:01:25,880 You know what the password is? 42 00:01:25,880 --> 00:01:27,470 Blank, it's nothing. 43 00:01:27,470 --> 00:01:29,200 That is horrible for security. 44 00:01:29,200 --> 00:01:31,120 So the first thing you should do is go in 45 00:01:31,120 --> 00:01:33,320 and change that to a long strong password 46 00:01:33,320 --> 00:01:36,480 and preferably disable that administrator account. 47 00:01:36,480 --> 00:01:38,960 Number four, you want to disable the guest account 48 00:01:38,960 --> 00:01:40,120 on your systems. 49 00:01:40,120 --> 00:01:42,840 By default, Windows is going to install an account called guest 50 00:01:42,840 --> 00:01:43,810 on your system. 51 00:01:43,810 --> 00:01:45,550 You want to go into your user manager 52 00:01:45,550 --> 00:01:48,380 and from here you can disable that account. 53 00:01:48,380 --> 00:01:51,140 Number five, you want to enable Control + Alt + Delete 54 00:01:51,140 --> 00:01:52,890 for logging into the system. 55 00:01:52,890 --> 00:01:54,690 This is going to ensure that the user is communicating 56 00:01:54,690 --> 00:01:56,650 with a trusted path to the operating system 57 00:01:56,650 --> 00:01:58,210 in case there's any malware in it. 58 00:01:58,210 --> 00:01:59,810 You've seen this when you go to your Windows 7 59 00:01:59,810 --> 00:02:00,860 or your Windows 10. 60 00:02:00,860 --> 00:02:02,510 Press Control + Alt + Delete to log in 61 00:02:02,510 --> 00:02:05,010 and then it comes up and asks for your username or password. 62 00:02:05,010 --> 00:02:06,320 To turn this feature on, 63 00:02:06,320 --> 00:02:07,530 you go to the Advanced tab 64 00:02:07,530 --> 00:02:09,620 of the User Accounts dialogue box. 65 00:02:09,620 --> 00:02:12,190 You can also implement this across your entire domain 66 00:02:12,190 --> 00:02:14,200 by using a good group policy. 67 00:02:14,200 --> 00:02:16,810 Number six, use good, strong policies 68 00:02:16,810 --> 00:02:18,470 in regards to your passwords. 69 00:02:18,470 --> 00:02:20,440 Now this one is really, really important. 70 00:02:20,440 --> 00:02:22,860 In fact, it's so important that I'm going to dedicate 71 00:02:22,860 --> 00:02:25,650 the entire next video to take you into the lab environment 72 00:02:25,650 --> 00:02:27,550 and walk you through step by step 73 00:02:27,550 --> 00:02:29,620 how to set some important policy requirements 74 00:02:29,620 --> 00:02:31,510 for your passwords like the length, 75 00:02:31,510 --> 00:02:34,160 the age, the reuse, and the complexity. 76 00:02:34,160 --> 00:02:36,210 We'll talk about that in the next lesson.