1. Andy, MS trying to get security for your Windows account, is a real laugh. Sorry, but we both know that MS is not noted for security or privacy.

    For me, this added “protection” is ludicrous, at best. One good, solid password is more than enough. For those who are extreme worry-warts, use a password generator like Roboform or LastPass or KeePass and so forth. They do work and can be the proper layer of protection needed.

    I have used both LastPass and Roboform and like them both. Right now, I am using Roboform because I got a good discount for multiple devices. I also liked, that I was able to transfer all of my password information from LastPass to Roboform. As far as Roboform it is quite similar to LastPass, which as made it easier for my transition.

    The hardest part of a Password Manager is building the information for all of your websites, emails and etc. that use a password. Once that is done, it really is a piece of cake.

    I do wished I had know about just not answering the silly security questions, when I set up Windows 10, a couple of months ago. My original hard drive died and I had to get a new one, so that meant reinstalling Windows 10. What a great opportunity to bypass all of that, by simply clicking on Next.

  2. Crimson SR71

    Hi Anand, awesome article, just what I was looking for. Incredibly frustrating that they made this a mandatory selection if you use a password. I set up machines for our users, I can’t even comprehend how this could be useful in our case (unless I make every machine have the same questions, defeating the purpose…).

    Moxie –

    I’m glad to hear you’re using password managers and you’re definitely on the right track. Just to throw some more information at you, passwords, no matter how simple or complex, protect you from a single angle of attack only, which is guessing (including a brute force machine attack). Even a strong password is very weak protection in the greater scheme and “One good, solid password is more than enough” is most certainly not true if you take into consideration that most passwords are stolen through other means (breaches, phishing, disgruntled employees, accidental disclosure of data).

    The most important protection you get from using a password manager with random passwords on every account is actually not that it makes your accounts that much more secure (I mean, it does to some degree if your password was your pet’s name or “password” or whatnot beforehand), but that it will protect all your other accounts when one gets breached.

    Personally I would strongly discourage using any service that is of any importance to you that does not support multi-factor authentication, no matter how good your password is.

    Just food for thought.

  3. Brian Buresh

    Windows passwords do nothing to protect you. I can break into your account with a usb drive and 30 seconds of time.

  4. Just use Windows-r control userpasswors2 to set the password. No hint nor security questions that nobody over 30 can remember the answer to needed.

    The engineers at Microsoft are of one mind. The person with the mind was off sick that day.

  5. GXP

    Can’t bypass this. The step to put in a blank password doesn’t work if there is a password policy in place that require a password. Trying to set up secondary local account for temporary use.

Leave a Reply

Your email address will not be published. Required fields are marked *

6 + 6 =