Securing NT

By default, NT 4.0 displays the last person who logged onto the system. This can be considered to be a security threat, especially in the case of those who choose their password to be same as their Username. To disable this bug which actually is a feature, go to the following key in the registry editor:

HKEY_LOCAL_MACHINE\Software\Microsoft\WindowsNT\CurrentVersion\Winlogon

Click and select the ReportBookOK item and create a new string value called DontDisplayLastUserName. Modify it and set it's value to 1.

As a system administrator, you can ensure that the passwords chosen by the users are not too lame or too easy to guess. NT has this lovely utility called the User Manager which allows the administrator to set the age limit of the password which forces the users to change the password after a certain number of days. You can also set the minimum length of passwords and prevent users to use passwords which already have been used earlier and also enable account lockouts which will deactivate an account after a specified number of failed login attempts.

When you log on to Win NT, you should disable Password Caching, this ensures Single NT Domain login and also prevents secondary Windows Logon screen.

Simply copy the following lines to a plain text ASCII editor like: Notepad and save it with an extension, .reg

----------------DISABLE.reg-----------------

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]

"DisablePwdCaching"=dword:00000001

----------------DISABLE.reg-----------------

To Enable Password Caching use the following .reg file:

--------------Enable.reg-----------------

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]

"DisablePwdCaching"=dword:00000000

--------------Enable.reg-----------------

Subscribe in a reader