Spouse and I are arguing about whether to use a Windows password/PIN and possibly BitLocker (see current security config here, basically the same on both computers). Strictly in terms of preventing remote hackers/malware from harming our PCs, what's the highest necessary level of password hygiene? One of us wants to go full-on BitLocker with foil-hat-level password security and so forth; the other isn't convinced that passwords provide any sort of impediment to malware and remote hackers, and thinks at most the admin account should have a strong password and a 4-digit PIN, while the standard user accounts we both browse on don't need passwords.

We both agree that we have taken sufficient precautions that the physical security of the laptops isn't of concern, beyond having to buy a new one if it's stolen of course. Feel free to pitch scenarios involving physical access to us if you think there's somewhere we're vulnerable, but I'd prefer to keep the discussion to whether and how the aforementioned security features stop malware and remote hackers only.

I use a PIN. If your Microsoft Account (assuming you aren't using a local account) gets hacked or your password is found out, then with a PIN your PC can't be accessed. A PIN is only for that computer, so it is more secure and easier to remember than a password.


@Locust, from what I've read about your proposed use of standard accounts to protect your administrative accounts, I believe it to be a most secure move, and yet one that your spouse and you must eventually agree upon in order to implement effectively. My wife (formerly) performed all her computing tasks on her admin side. Since personal habits can often feel harder to break than cooperating with one another, what I did was to covertly create an identical-looking standard account, using her own simple five-character pass code, and I'd even gone so far as to use her chosen avatar. After I'd revealed what I'd hoped she'd find a clever ruse, she was by then already halfway on board using her standard account, and officially sealed our Security Council Treaty through the act of choosing her own pass phrase for the administrative account.
Personally, I recommend additionally using a unique pass phrase (or PIN) for your standard accounts, because it layers yet another security hurdle.
...and after your sharing about BitLocker, an option I'd not been familiar with, it is clear that you can now wear your "Tin Foil Hat" with pride!
Local account users can use a password, but by all means, if you have no personal documents, photos and videos that are easily accessible, then you do not have to use a password.

Windows 8 to 10 users who use a Microsoft Account are required to use a Password/PIN.

Windows 10 users can use a PIN that is unique to their device, it's easy to remember and only works on that single device.

Windows Hello is a new addition to Windows 10 that allows users to log in using biometric devices. Apple and Google have already implemented fingerprint authentication in their devices/OS.


A password from your Microsoft Account or a PIN is fine enough as long as you have a strong combination of keys. That foolproof concept of a brute-force attack is casual, but of course the developer has already set the limits.

Best practice, @Umbra style:

- Admin account: local account, with a strong password and/or PIN.
- Create one standard account for each user (so two: one for you and one for your wife); a Microsoft Account can be used for usability and sync (if you use Windows 10); passworded and with a PIN.

Golden rule: never leave an account open to anyone; you are not with your PC 24 hours a day.

If you store very sensitive data, use BitLocker (beware if you have other disk/partition/encryption software; incompatibilities may occur).
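The checklist in the post above (one dedicated admin account, standard accounts for daily use, nobody left logged in, BitLocker for sensitive data) can be verified against a Windows 10 PC. The following read-only audit script is an added example written for this thread; it is not code from the forum or from any of the posters. It assumes an elevated PowerShell prompt on Windows 10 (the BitLocker cmdlets are absent on Home edition, which the script reports rather than failing on), and the account names "Alice" and "Bob" are placeholders to replace with your own.

```powershell
# Added example (not from the thread): a read-only audit of the account and
# encryption hygiene points discussed above. Run from an elevated PowerShell
# window on Windows 10. Nothing here changes any setting.

# 1. Who is an administrator? Ideally only the one dedicated admin account.
Write-Host "== Members of the local Administrators group =="
$admins = Get-LocalGroupMember -Group 'Administrators'
$admins | Select-Object Name, PrincipalSource | Format-Table -AutoSize

# 2. Enabled local accounts that do not require a password at all
#    (the 'standard accounts without passwords' idea from the first post).
Write-Host "== Enabled local accounts with no password requirement =="
Get-LocalUser |
    Where-Object { $_.Enabled -and -not $_.PasswordRequired } |
    Select-Object Name, LastLogon |
    Format-Table -AutoSize

# 3. Are the accounts used for day-to-day browsing actually standard users?
#    Placeholder names; replace with the accounts on your PC.
$browsingAccounts = @('Alice', 'Bob')
foreach ($acct in $browsingAccounts) {
    # Member names come back as COMPUTER\User, so match on the trailing part.
    $pattern = '\\' + [regex]::Escape($acct) + '$'
    $isAdmin = @($admins.Name) -match $pattern
    if ($isAdmin) {
        Write-Host "$acct : ADMIN - consider moving daily use to a standard account"
    } else {
        Write-Host "$acct : standard user"
    }
}

# 4. Lockout policy: limits how many wrong passwords can be tried at the
#    logon screen. '0' for the threshold means 'never lock out'.
Write-Host "== Account lockout policy (net accounts) =="
(net accounts) | Where-Object { $_ -match 'Lockout' }

# 5. Screen lock for the CURRENT user: supports the 'never leave an account
#    open' rule. ScreenSaverIsSecure = 1 means the lock screen is required
#    when the screen saver ends. Values are strings in the registry.
Write-Host "== Screen saver lock settings for the current user =="
$desk = Get-ItemProperty -Path 'HKCU:\Control Panel\Desktop'
[pscustomobject]@{
    ScreenSaveActive   = $desk.ScreenSaveActive
    ScreenSaverIsSecure = $desk.ScreenSaverIsSecure
    TimeoutSeconds     = $desk.ScreenSaveTimeOut
} | Format-List

# 6. BitLocker status per volume. The cmdlet exists only where BitLocker is
#    installed (Pro/Enterprise/Education), so probe for it first.
Write-Host "== BitLocker volumes =="
if (Get-Command Get-BitLockerVolume -ErrorAction SilentlyContinue) {
    Get-BitLockerVolume |
        Select-Object MountPoint, VolumeStatus, ProtectionStatus, EncryptionMethod |
        Format-Table -AutoSize
} else {
    Write-Host "BitLocker cmdlets not available on this edition of Windows."
}
```

Sections 1 to 3 answer the standard-versus-admin question directly: an account listed under Administrators is the one malware running as that user can fully abuse, so the browsing accounts should not appear there. Section 5 only reads the current user's settings, so run it once per account (or check Settings > Accounts > Sign-in options) if you want to confirm the rule for both of you. Section 6 is where the "tin foil hat" part lives: ProtectionStatus "On" means the volume is both encrypted and its key protectors are active.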
