Windows NT and Windows 2000 offer more secure and robust models to limit
access to files on your PC. WinNT and Windows 2000 limit access to the logon
prompt by requiring a user to first press the CTRL-ALT-DEL keys simultaneously.
Because it�s hard to re-create this sequence from a remote location, malicious
programs are restricted from logging on. Unlike Win9x, with WinNT and Windows 2000,
users cannot bypass the logon screen.
After entering your Username and Password, WinNT �investigates� you in the
SAM (Security Accounts Manager). More robust than the Win9x .PWL files, the SAM
maintains a list of each user�s permissions. It assigns a SID (Security ID) to
you, valid only for this session; you receive a new SID each time you log on.
The SID determines the permissions you have when attempting an operation and
allows or denies access. To change a password, navigate to Start, Programs,
Administrative Tools (Common), User Manager and select the appropriate account.
The logon prompt for Windows 2000 is similar, but instead of the SAM, Windows 2000
authenticates via certificates, or digital IDs that contain
user data, permissions, and other information. At logon, Windows 2000 verifies
the ID to access the appropriate certificate and hands you a ticket for your
currnet session. Permissions and access to resources are based on what the
ticket says. To change passwords in Windows 2000, go to Start, Settings, Control
Panel, and Users And Passwords.
Windows NT and Windows 2000 offer file-level security (lets
administrators set users� rights to files on a file-by-file basis) to those
using NTFS (NT File System). To set file permissions while logged in as
Administrator, right-click the file (or folder) and select Sharing. In the
window, select the Permissions tab and click the Permissions button. Add or
remove users to grant or deny access and remove the Everyone group from having
access. As the users to whom you have restricted (or granted) access log off and
log on again, they will be subject to the defined access level.
Passwords give some security, but there are limitations on Windows 9x systems
that don�t have System Policies installed. Windows NT and Windows 2000 offer
better security but at higher costs both in money and administration.
|
|
|
|
|
|
|
|