Our Password-Protected Lives

password There is more frustration with passwords than almost any other part of our interactions with computers. Part of the frustration is the difficulty of remembering them, of course, but there is also no consistency to help you understand when a password is required or what it’s for.

Passwords will be a fact of life for a long time. They are crucial to our security as we move forward into an era when our data is stored online or is accessible online. Frequently it is only a password that protects you against identify theft or financial loss. I’ve written before about the necessity of accepting the need for passwords and some tips about how to make them more secure. Make a New Year’s resolution to do a better job, okay?

Over the next couple of days I’ll talk about a few of the times that you might see a password prompt, then I’ll tell you about a service to help you get a handle on some of them. Let’s start with the first prompt you see when you sit down at the computer.

 

COMPUTER LOGIN

password3

When you sit down at your computer, it may prompt you for a user name and password. If not, there are still some things going on behind the scene that are worth knowing about.

User name

Your computer always knows you by a user name. If you click on the Start button, you will see it at the top of the menu – although that’s not always an accurate indicator, since it’s possible to change the name displayed on the Start menu without changing the “user name” that is transmitted to other computers when you’re browsing the network, causing endless fun when I’m trying to figure out network errors.

Your user name doesn’t matter for an individual computer but it’s frequently important on a network; other computers decide whether you have permission to use their shared folders or shared printers based on whether they trust your user name and password.

Password

In a small workgroup (home networks and small businesses without a domain server), each computer has its own individual knowledge of users and passwords. Operating systems are becoming more secure, so you may have to set up user accounts with matching names and passwords on each computer before shared folders and printers become accessible. This is particularly true with Windows Home Server – everyone has easy access to shared folders if the user accounts and passwords match on the computers and on the server. There are two wrinkles:

  • Windows Home Server will only allow its remote access features to be used if users have complex passwords, which almost no one has previously had to use in able to log into their computers.
  • If someone changes their password on their computer, it has to be manually changed to match on the Windows Home Server or an unexpected password prompt will pop up, causing an exciting amount of confusion.

Businesses run by Microsoft Small Business Server are built on a domain. It was rare to see a domain controller in other very small businesses until recently, but that may change as Microsoft’s very inexpensive Foundation Server 2008 becomes more widespread.

In a domain, a Windows server takes over responsibility for user names and passwords. When you log into a computer in a domain, your computer consults the server to discover if you are authorized to use the computer and what privileges you have. There is full control from the server over the computers which you do and don’t have permission to use, and the security on folders and printers is enforced consistently no matter what computer is used. If you’ve ever seen your user name written this way, you’re in a domain:

domain_nameuser_name

e.g. brucebnetBruce Berls

Changing your password on any computer is actually an instruction to the server that changes the password on all computers.

To change your login password (workgroup or domain), hit Ctrl-Alt-Del while you’re logged in and click on “Change Password.”

Your computer login password should be secure and private, especially on a business computer, especially in a domain. It is the single key to accessing your computer, your mailbox, and the company folders on the server. It may be the only password needed for full remote control of your computer. Even at home, a secure password keeps someone from looking at your stuff when they walk by your computer.

TECH TIP: And finally, a tip that may come in handy on Windows XP computers. If you’re trying to figure out how to log in to an unknown account, don’t forget to try leaving the password field blank, in case no password is assigned. I run into it all the time, especially when computers are started in Safe Mode and there’s a prompt to log into the hidden Administrator account, or when a computer is inherited or an employee has departed. I’ve been called in after people have spent an hour trying different possible passwords without success. When I sit down and log in immediately by hitting Enter because the password was blank all along, my clients do not always share my happiness and celebrate my expertise. Instead, it’s usually cursing, tears, and irrational violent acts. All part of the exciting world of computer consulting, of course.

Tomorrow: e-mail passwords