Managing local computer accounts and user information and keeping track of passwords for services just got a whole lot easier with Windows XP Professional. Microsoft has included a number of features to simplify account management and related duties. The ubiquitous wizards are on the scene too. The Files And Settings Transfer Wizard makes it easy to move your personal data and settings from one computer to another. The Forgotten Password Wizard helps the absentminded retrieve their misplaced passwords. You can even create a .NET password with the (you guessed it) .NET Passport Wizard. In this Daily Drill Down, we will explore the enhancements that have been made to user account and password management in XP, and I’ll give you a sneak preview of its handy new “wiz bang” features.
Transferring files and settings
The Files And Settings Transfer Wizard is a new feature in XP that allows you to move both your configuration settings and your data files from one computer to another. The wizard allows you to accomplish this without having to spend time reconfiguring browser preferences, e-mail settings, taskbar, and display properties. You can also transfer your My Documents and Favorites folders to the appropriate location on the new computer automatically (see Figure A).
|Move your configuration settings and files with the Files And Settings Transfer Wizard.|
How to use the Files And Settings Transfer Wizard
Access the wizard via Start | Programs | Accessories | System Tools | Files And Settings Transfer Wizard (see Figure B).
|With two Windows XP computers, first run the wizard on the computer you want to transfer files and settings from. After you complete that process, run the wizard on the computer to which the files and settings will be transferred.|
The wizard will give you the following file transfer choices:
- Via a direct cable connection between the two computers
- Via a network
- Via a floppy disk or other removable media such as Zip or Jaz drives
- By saving the files and settings to a network drive or removable drive
You can also save the files and settings to a local disk on your computer, as shown in Figure C.
|You can save the settings and files from the old computer to a selected location.|
Next, choose whether to save only your configuration settings, only your data files, or both. You can also select a custom list of files and settings (Figure D).
|You can select exactly which settings and files the wizard will transfer.|
Once you have made your selections, the wizard will copy the appropriate files. Keep in mind that this may take several minutes.
Moving the saved files and settings to the new computer
After you have collected the files and settings from the old computer, you can run the wizard on the new computer, select the transfer method and/or location where the saved settings are stored, and transfer them to the new computer.
If you have not run the wizard first on the old computer to collect the settings and files, you can create a Wizard Disk on a floppy or run the wizard on the old computer from the XP installation CD.
Windows XP Pro allows you to collect in one centralized location the user names and passwords you use to access protected Web sites or log on to various networks. The Stored User Names And Passwords feature saves all these names and passwords as part of each user’s profile.
This feature provides users with the benefits of single sign-on; there will be no need to log off and back on to provide the passwords for different computers, and the user names and passwords can be easily viewed and modified by the user (or deleted when no longer required).
If you have a roaming profile, your user names and passwords will be accessible from any computer you log on to with that profile.
Introducing stored user names and passwords
The Stored User Names And Passwords feature automatically stores user names and passwords that you enter to access a domain or Web site, if you choose to save that information. Then, when you try to connect to that resource again, the system will first provide the current user name and password. If that doesn’t work, stored user names and passwords will be tried.
You can also manually add user names and passwords to the list, as I’ll discuss in the next section.
Storing a new user name and password
To store a new user name and password, open the User Accounts applet from the Control Panel. Then, perform one of the following actions, depending on whether your computer belongs to a Windows domain:
- Nondomain member: Click your account name and select Manage My Network Passwords in the Related Tasks box.
- Domain member: Click the Advanced tab and then click the Manage Passwords button.
Add an entry by clicking the Add button, as shown in Figure E.
|Store user names and passwords in a centralized location for easy management.|
You will be asked to supply logon information for the new entry, including the server name, user name, and password. You can change this information later (for example, if your password on the server is changed) by editing the entry’s properties.
Recovering lost passwords
Windows XP lets you create a “password hint” to help you remember your password. To do this, click Change My Password in the properties box for your user account. If you do not wish to change your password, retype the same password as the new password and then enter the hint in the last field in the Change Your Password dialog box, as shown in Figure F.
|You can create a hint to help you remember your password in Windows XP.|
Another new feature in Windows XP is the Lost Password Wizard, which lets you make a special Password Reset Disk. This can be used to open your account when you’ve forgotten your password; you can then create a new password. You can also use the Reset Wizard to change your password.
To invoke the wizard, select Prevent A Forgotten Password in the user account properties box on a standalone or workgroup machine, as shown in Figure G.
|Select Prevent A Forgotten Password from your user account properties screen to invoke the wizard and create a Password Reset Disk.|
The Password Reset Disk can now be used to log on to Windows and change the password. Users should store the Password Reset Disks in a safe place and take other measures to protect their passwords, as discussed in the next section.
Note that this feature is not available if the computer is logged on to a domain.
Ensuring password security
Windows XP makes it more convenient for users to manage their passwords by collecting them in one place and easy to recover lost account passwords with the Forgotten Password Wizard. However, this convenience makes it even more important that good security policies be established.
Because the passwords are stored with your profile, it is essential that you prevent others from accessing your account; anyone who uses your computer when you are logged in will have access to those passwords. Users should practice the following to ensure password security:
- Always lock or log off the computer or turn on a password-protected screensaver to prevent unauthorized access while you are away.
- Use strong passwords: seven or 14 characters long, containing both upper and lowercase characters, numbers and symbols, and not comprising a name or word that is in the dictionary.
- Change passwords on a regular basis. The new password should be significantly different from the old one. Don’t, for example, change from pass1word to pass2word.
- Don’t use the same password for multiple accounts. This is a common problem. It is easier to assign the same password to everything, but if this one password is compromised, the intruder will have access to all servers and Web sites you access with that password. The Stored User Names And Passwords feature lets you store those passwords securely so you can log on with a single password—for your user account—and not have to remember all the others.
Note that Windows XP allows you to create passwords that are up to 127 characters long. Windows 95 and 98 only support passwords up to 14 characters. If you have computers running those operating systems on your network, you would not be able to log on with your account with a longer password.
Resetting your password
If a user has forgotten his or her password and has not created a Reset Disk, you can reset the password by right-clicking the user account name in the Advanced User Management console (accessed via Control Panel | User Accounts | Advanced tab | Advanced button) and selecting Set Password (Figure H).
|To reset a user’s password, right-click the account name and select Set Password.|
This method should be used only as a last resort, as it can cause important user account information to be lost. You will be warned of this before proceeding, as shown in Figure I.
|Resetting a user account password can result in data loss.|
Using the .NET Passport Wizard
Windows XP is part of Microsoft’s new .NET initiative. The .NET passport is used to securely access services such as Microsoft’s Hotmail e-mail and MSN Messenger. The passport is also used for accessing Microsoft’s .NET passport-enabled Web sites, creating Web pages, and participating in online real-time communications.
You can create a .NET passport that will be associated with your Windows XP user account. Adding the .NET passport to your account is easy: Click the taskbar tray icon that appears when you install Windows XP; it pops up to ask you if you want to create a .NET passport. You can also click the .NET Passport Wizard button on the Advanced properties sheet in the User Accounts applet if the computer belongs to a domain or click the .NET Passport Wizard selection in the User Account box for a nondomain XP computer. The wizard, shown in Figure J, walks you through the steps of setting up your .NET passport.
|Use the .NET Passport Wizard to set up an account for accessing Microsoft sites and services.|
You can also select a different passport to associate with your XP user account by selecting Change My .NET Passport in the Account properties dialog box.
Note that if you have a Hotmail or MSN e-mail account, you may have already created a .NET password when you set up the account.
Fast User Switching
Another new feature to XP is Fast User Switching, a means of switching between user accounts without losing the running programs. The state of the system is preserved at logoff so that the first user can start up where he or she left off after logging back on. Like some others, this feature is not available if the computer belongs to a domain.
Enabling Fast User Switching
Only members of the local administrators group can enable or disable Fast User Switching. To do so, access the User Accounts applet in the Control Panel and select Change The Way Users Log On Or Off, as shown in Figure K.
|Administrators can enable or disable Fast User Switching from the User Accounts applet.|
Fast User Switching cannot be used if Offline Files are enabled.
Check the Use The Welcome Screen and Use Fast User Switching check boxes, as shown in Figure L. Note that the latter will be grayed out and you will be unable to check it until you first check Use The Welcome Screen.
|Select both check boxes to enable Fast User Switching.|
Now when you select Logoff from the Start menu, you will have the option to switch users, as shown in Figure M.
|You can log off the current user without losing his or her settings and running programs. He or she can resume working at the same point immediately upon logging back on.|
Microsoft has included a number of new features in Windows XP Professional that make it easier to manage computer accounts and their passwords. Several of these features, however, work only if the XP computer is running as a standalone machine or a member of a workgroup; they are not available on computers that belong to domains.
In this Daily Drill Down, I introduced the Files And Settings Transfer Wizard, the Stored User Names And Passwords feature, and the Forgotten Password Wizard. You learned how to reset a password if you neglected to create a Password Reset Disk and how to employ the .NET Passport Wizard and the Fast User Switching feature. In Windows XP, working with accounts and passwords is simplified without sacrificing the security you expect from an operating system built on the NT/2000 kernel.
Debra Littlejohn Shinder, MCSE, MVP is a technology consultant, trainer, and writer who has authored a number of books on computer operating systems, networking, and security. Deb is a tech editor, developmental editor, and contributor to over 20 additional books on subjects such as the Windows 2000 and Windows 2003 MCSE exams, CompTIA Security+ exam, and TruSecure's ICSA certification.