User Accounts

 
     Too many home users set up their computers using the generic administrator account with no password.  This practice is an open invitation for a hacker to gain access and take over the computer.  Make sure that you set up a user account with a password for each user who accesses the computer.  You especially want to set up accounts for children who use the computer so that you may limit the activities they can perform and monitor their web access.

Administrative Priviledges

     You should only set up one account with administrative priviledges.  This account should not be one that a child uses to access the computer.  Only use the administrative account to install applications and change configuration settings.  After making such changes, log off the computer and log back in as a normal user. 

     If a hacker gains access to a computer using the administrative account then he may do what ever he wishes with the computer.  If you are logged in under a normal user account and a hacker gains entry then he is less able to cause major damage.  Do not login to the computer using administrative priveiedges when you are going to surf the web.

Guest Accounts

     Most computers arrive at the home with an active guest account that contains no password.  Although this account has limited access, it is a known target for hackers to use in an attempt to infiltrate a computer.  Disable or delete the guest account.

Strong Passwords

     Weak passwords are a known entry point into computers for hackers, especially when applied to the administrative account.  A week password would be any word located in a dictionary or combinations of words discovered using social engineering techniques.  Hackers use "brute force" tools to attempt "dictionary attacks" on computers using specialized dictionaries that they create.

     Strong passwords help eliminate the possibility of a hacker gaining entry using a dictionary attack.  A strong password would be a password at least 8 characters long, containing both upper and lower case letters and at least one special symbol (these symbols are any of the characters above the numbers on a standard keyboard).  Using strong passwords increases the number of unique possibilities geometrically as the number of characters in the password increases.  An 8 character password using 32 different characters translates to over two-trillion possible combinations.  This would take a hacker quite some time to attempt all combinations.

Passwords in Web-browsers

     Many browsers will ask you if you would like the browser to remember your user name and password so you can automatically login the next time you visit the site.  These passwords are often stored in plain-test files that may be read by anyone who gains access to the computer. If a hacker gains access to the computer then he can read the password file and gain access to any of the referenced web sites. 

     This would be a very bad situation if you happen to use online banking services or other sensitive web-based applications.  If you must store passwords because you access too many sites and simply can't remember them all, then use an encrypted password vault to store those passwords.

Antivirus

     Install, activate, and use antivirus and antimalware software. If your computer connects to the Internet, even if only for e-mail, then there is a good chance that viral-type infections will head your way. These software applications cannot guarantee that you will not get infected but they will certainly prevent the most common types of infections. You also need to make maintain your antivirus and antimalware packages. Most publishers include the ability to automatically update the infection listings (called signature files) of their packages as long as there is an active connection to the Internet.