1. Set the password complexity. It can be suggested to have at the very least 6 digits, including upper and decrease case alphanumeric characters and particular symbols.
Configuration strategy: Enter gpedit.msc during Windows + r operation to open the group policy, after which select Pc Configuration-> Windows Settings-> Security Settings-> Account Policy-> Password Policy, locate the password should meet the complexity specifications alternative, open
two. Set the number of password authentication failure locks. When you enter greater than ten times in succession, the account is going to be locked for ten minutes.
Configuration system: Enter gpedit.msc throughout Windows + r operation to open the group policy, and then choose Laptop or computer Configuration-> Windows Settings-> Safety Settings-> Account Policy-> Account Lockout Policy. Set free download full version samsung memory card data recovery software .
three. Reset the account lock counter. The default worth is none, this setting is meaningful only immediately after setting the account lockout threshold. When the amount of failed logins reaches the set worth, this count requirements to be reset to zero, and this worth must be much less than or equal to the account lock time.
Configuration strategy: Set the worth from the reset account lock counter solution in the account lock policy.
four. Configure the password lifetime, the password validity period with the account should not exceed 365 days.
Configuration strategy: Enter gpedit.msc during Windows + r operation to open the group policy, then select Laptop Configuration-> Windows Settings-> Security Settings-> Account Policy-> Password Policy to set the worth of your maximum password age.
five. Set reminder for password expiration.
Configuration process: enter gpedit.msc for the duration of Windows + r operation to open the group policy, select Computer system Configuration-> Windows Settings-> Security Settings-> Local Policies-> Security Selections, locate the interactive login: prompt the user to modify the password before it expires, Just define the worth.
6. Disable the modification of your password of the domain atmosphere. People who are usually not domain servers or domain members don't need to have to set this item.
Configuration method: Enter gpedit.msc throughout Windows + r operation to open the group policy, after which select Laptop Configuration-> Windows Settings-> Safety Settings-> Regional Policies-> Security Alternatives, discover the domain controller: reject pc account password change, set to Disabled.
7. Configure the tactic for using historical passwords. You can't make use of the passwords that have been used the last two times.
Configuration system: Enter gpedit.msc during Windows + r operation to open the group policy, pick Laptop Configuration-> Windows Settings-> Safety Settings-> Account Policy-> Password Policy, and set the mandatory password history item to 2.
8. Configure session lock. If it truly is a member in the domain, verify the user info when the session is locked.
Configuration method: enter regedit to open the registry through Windows + r operation, visit HKEY_LOCAL_MACHINE \\ Software program \\ Microsoft \\ Windows \\ CurrentVersion \\ Policies \\ Method, add the name DontDisplayLockedUserId, the sort is DWORD, and the information is the standard worth. If it exists, modify it and change it to 1. 1 suggests show name, domain name, user name, two means only display user name, 3 signifies not display user data.
Nine, configure the minimum password usage time. When the user wants to modify a particular password, the password ought to be made use of to get a time frame.
Configuration approach: Enter gpedit.msc in the course of Windows + r operation to open the group policy, and then pick Computer Configuration-> Windows Settings-> Security Settings-> Account Policy-> Password Policy to modify the worth of the minimum password age.
ten. Disable shared accounts
Configuration method: Which account is shared and needs to be disabled, you should ask the management within the network to figure out. Right-click laptop management-> pc management-> technique tools-> local users and groups, modify and disable.
11. http://b3.zcubes.com/bloghome.htm : computer right-click management-> laptop management-> program tools-> regional users and groups, come across the Guest account, right-click properties, choose disable.
12. Prohibit anonymous accounts from enumerating neighborhood details
Configuration process: Enter gpedit.msc in Windows + r to open the group policy, and after that select Laptop or computer Configuration-> Windows Settings-> Security Settings-> Regional Policies-> Safety Possibilities, locate the network access: anonymous enumeration of SAM accounts is just not permitted, Set to allow.
Thirteen, configure sharing permissions
Configuration system: personal computer right-click management-> personal computer management-> program tools-> shared folder, right-click the shared folder, the home switches to the sharing permission bar, check whether or not there's absolutely everyone inside the user, and delete it if there is certainly.
14. Set the permissions assigned towards the file
Configuration method: enter gpedit.msc throughout Windows + r operation to open the group policy, then choose Personal computer Configuration-> Windows Settings-> Safety Settings-> Regional Policies-> User Rights Assignment, discover the ownership of files or other objects, set to only administrator,
Fifteen, set the disk partition format to NTFS
Configuration strategy: laptop or computer right-click management-> storage-> disk management, check the format of the own disk, if it can be not NTFS, it is advisable to modify, the modification technique is omitted.
16. Configure remote shutdown permissions
Configuration strategy: Enter gpedit.msc through Windows + r operation to open the group policy, after which choose Laptop or computer Configuration-> Windows Settings-> Safety Settings-> Local Policies-> User Rights Assignment, locate the forced shutdown in the remote program, set to only administrator,
17. Configure technique shutdown authorization
Configuration method: enter gpedit.msc in the course of Windows + r operation to open the group policy, and then select Laptop Configuration-> Windows Settings-> Security Settings-> Neighborhood Policies-> User Rights Assignment, discover the technique shutdown selection, set to only administrator,
18. Turn off autoplay
Configuration technique: right-click computer management-> services and applications-> services, come across shellhardwaredetection, set to disabled, immediately after disabling, change the startup system to manual, otherwise this service will start off automatically next time you get started the pc.
Nineteen, disable ctrl + alt + del
Configuration strategy: enter gpedit.msc throughout Windows + r operation to open the group policy, pick Laptop or computer Configuration-> Windows Settings-> Safety Settings-> Nearby Policies-> Safety Options, obtain the interactive login: no will need to press atrl + alt + del , Disable this choice, then you require to press this important mixture to log in to the program once more, which can avert the attack of intercepting the password.
Twenty, the specified user can access the computer remotely
Configuration method: enter gpedit.msc in Windows + r to open the group policy, choose Computer Configuration-> Windows Settings-> Safety Settings-> Regional Policies-> User Rights Assignment, uncover this personal computer from the network, double-click to add permitted customers And group, delete absolutely everyone,
Twenty-one, configure login log audit
Configuration strategy: enter gpedit.msc through Windows + r operation to open the group policy, after which select Pc Configuration-> Windows Settings-> Security Settings-> Neighborhood Policies-> Audit Policy, obtain the audit login occasion, set to audit both success and failure,
Twenty-two, set the completeness of your technique log
Configuration process: enter gpedit.msc in windows + r running to open the group policy, and after that choose personal computer configuration-> windows settings-> safety settings-> local strategy-> audit technique. Twenty-one has set up a login occasion, and now all other individuals are set to audit both results and failure,
Twenty-three: Configure to work with NTP to ensure which you can prepare to understand when the issue happens.
Configuration approach: right-click laptop management-> services and applications-> services, discover the windowstime item, and set the startup mode to automatic.
Twenty-four, the file capacity from the configuration log
Configuration approach: Control Panel-> Administrative Tools-> Occasion Viewer, open the windows log, view the application log, safety log and technique log, right-click properties, whether the size is 20480, no matter if the tactic of overwriting events is applied when it reaches the maximum,
25. Disable unnecessary services
Configuration process: right-click computer system management-> services and applications-> solutions, discover unnecessary services to disable, frequently don't require to begin some services are listed, but recommended, based on their very own wants to choose,
Twenty-six, set screen password protection
Set a screen saver waiting time of 15 minutes, and use password protection when recovering. Win10 is personalized right-click on the desktop, related to other systems.
http://webmastertool.kazeo.com/p-span-what-to-do-if-the-samsung-samsung-u-disk-folder-is-just-not-fou-a188306230 -seven, set the remote login timeout
Configuration approach: enter gpedit.msc in Windows + r to open the group policy, then pick Computer Configuration-> Windows Settings-> Security Settings-> Neighborhood Policies-> Safety Possibilities, come across the Microsoft network server: idle time required prior to suspending the session , Set to 15 minutes,
Twenty-eight, don't display the final logged in user name
Configuration technique: enter gpedit.msc through Windows + r operation to open the group policy, choose Computer Configuration-> Windows Settings-> Security Settings-> Regional Policies-> Security Alternatives, find the interactive login: don't show the final user name, allow .
29. Shut down to clear the virtual memory web page
Configuration technique: Enter gpedit.msc during Windows + r operation to open the group policy, and then select Laptop Configuration-> Windows Settings-> Security Settings-> Local Policies-> Security Solutions, obtain the shutdown: clear the virtual memory web page, allow it.
30. Set the number of preceding cache logins
Configuration strategy: enter gpedit.msc in the course of Windows + r operation to open the group policy, and after that pick Computer Configuration-> Windows Settings-> Safety Settings-> Neighborhood Policies-> Security Alternatives, locate the interactive login: the number of times before logging into the cache, set Is five,
1. Set the password complexity. It can be suggested to have at the very least 6 digits, including upper and decrease case alphanumeric characters and particular symbols.
Configuration strategy: Enter gpedit.msc during Windows + r operation to open the group policy, after which select Pc Configuration-> Windows Settings-> Security Settings-> Account Policy-> Password Policy, locate the password should meet the complexity specifications alternative, open
Configuration system: Enter gpedit.msc throughout Windows + r operation to open the group policy, and then choose Laptop or computer Configuration-> Windows Settings-> Safety Settings-> Account Policy-> Account Lockout Policy. Set free download full version samsung memory card data recovery software .
Configuration strategy: Set the worth from the reset account lock counter solution in the account lock policy.
Configuration strategy: Enter gpedit.msc during Windows + r operation to open the group policy, then select Laptop Configuration-> Windows Settings-> Security Settings-> Account Policy-> Password Policy to set the worth of your maximum password age.
Configuration process: enter gpedit.msc for the duration of Windows + r operation to open the group policy, select Computer system Configuration-> Windows Settings-> Security Settings-> Local Policies-> Security Selections, locate the interactive login: prompt the user to modify the password before it expires, Just define the worth.
Configuration method: Enter gpedit.msc throughout Windows + r operation to open the group policy, after which select Laptop Configuration-> Windows Settings-> Safety Settings-> Regional Policies-> Security Alternatives, discover the domain controller: reject pc account password change, set to Disabled.
Configuration system: Enter gpedit.msc during Windows + r operation to open the group policy, pick Laptop Configuration-> Windows Settings-> Safety Settings-> Account Policy-> Password Policy, and set the mandatory password history item to 2.
Configuration method: enter regedit to open the registry through Windows + r operation, visit HKEY_LOCAL_MACHINE \\ Software program \\ Microsoft \\ Windows \\ CurrentVersion \\ Policies \\ Method, add the name DontDisplayLockedUserId, the sort is DWORD, and the information is the standard worth. If it exists, modify it and change it to 1. 1 suggests show name, domain name, user name, two means only display user name, 3 signifies not display user data.
Nine, configure the minimum password usage time. When the user wants to modify a particular password, the password ought to be made use of to get a time frame.
Configuration approach: Enter gpedit.msc in the course of Windows + r operation to open the group policy, and then pick Computer Configuration-> Windows Settings-> Security Settings-> Account Policy-> Password Policy to modify the worth of the minimum password age.
Configuration method: Which account is shared and needs to be disabled, you should ask the management within the network to figure out. Right-click laptop management-> pc management-> technique tools-> local users and groups, modify and disable.
Configuration process: Enter gpedit.msc in Windows + r to open the group policy, and after that select Laptop or computer Configuration-> Windows Settings-> Security Settings-> Regional Policies-> Safety Possibilities, locate the network access: anonymous enumeration of SAM accounts is just not permitted, Set to allow.
Configuration system: personal computer right-click management-> personal computer management-> program tools-> shared folder, right-click the shared folder, the home switches to the sharing permission bar, check whether or not there's absolutely everyone inside the user, and delete it if there is certainly.
Configuration method: enter gpedit.msc throughout Windows + r operation to open the group policy, then choose Personal computer Configuration-> Windows Settings-> Safety Settings-> Regional Policies-> User Rights Assignment, discover the ownership of files or other objects, set to only administrator,
Configuration strategy: laptop or computer right-click management-> storage-> disk management, check the format of the own disk, if it can be not NTFS, it is advisable to modify, the modification technique is omitted.
Configuration strategy: Enter gpedit.msc through Windows + r operation to open the group policy, after which choose Laptop or computer Configuration-> Windows Settings-> Safety Settings-> Local Policies-> User Rights Assignment, locate the forced shutdown in the remote program, set to only administrator,
Configuration method: enter gpedit.msc in the course of Windows + r operation to open the group policy, and then select Laptop Configuration-> Windows Settings-> Security Settings-> Neighborhood Policies-> User Rights Assignment, discover the technique shutdown selection, set to only administrator,
Configuration technique: right-click computer management-> services and applications-> services, come across shellhardwaredetection, set to disabled, immediately after disabling, change the startup system to manual, otherwise this service will start off automatically next time you get started the pc.
Configuration strategy: enter gpedit.msc throughout Windows + r operation to open the group policy, pick Laptop or computer Configuration-> Windows Settings-> Safety Settings-> Nearby Policies-> Safety Options, obtain the interactive login: no will need to press atrl + alt + del , Disable this choice, then you require to press this important mixture to log in to the program once more, which can avert the attack of intercepting the password.
Configuration method: enter gpedit.msc in Windows + r to open the group policy, choose Computer Configuration-> Windows Settings-> Safety Settings-> Regional Policies-> User Rights Assignment, uncover this personal computer from the network, double-click to add permitted customers And group, delete absolutely everyone,
Configuration strategy: enter gpedit.msc through Windows + r operation to open the group policy, after which select Pc Configuration-> Windows Settings-> Security Settings-> Neighborhood Policies-> Audit Policy, obtain the audit login occasion, set to audit both success and failure,