Georgia Southwestern State University
  « Support Services   (How to Documents)

Managing Accounts and Passwords (Windows 2000 Pro)

 top Accounts Overview top

Every user account on a Windows 2000 machine is part of a local user group on that computer. A user group is a set of users who have a certain amount of control over the Windows 2000 computer. The four primary user groups are Administrators, Power Users, Users, and Guests. As tech support representative, you will have Administrator rights to all computers in your unit. Faculty and staff accounts are always set to Power Users.

Administrators

Members of the Administrator group have total control over the computer and everything on it. The user named Administrator is the default account within this group. The domain account of each faculty or staff member with a Windows 2000 computer is part of the Administrator group on his or her computer.

Administrators Can:

  • Create, modify, and access local user accounts
  • Install new hardware and software
  • Upgrade the operating system
  • Back up the system and files
  • Claim ownership of files that have become damaged
  • Do anything a Power User can

Power Users

The Power User class can perform any task except for those reserved for Administrators. They are allowed to carry out functions that will not directly affect the operating system or risk security. All domain accounts are part of the Power Users group on public Windows 2000 computers.

Power Users Can:

  • Create local user accounts
  • Modify user accounts which they have created
  • Change user permissions on users, power users, and guests
  • Install and run applications that do not affect the operating system
  • Customize settings and resources on the Control Panel, such as Printers, Date/Time, and Power Options
  • Do anything a User can
  • Power Users Cannot:
  • Access other users' data without permission
  • Delete or modify user accounts they did not create

Users

Users can perform common tasks, but have little power to affect the computer outside of their own account. The Users group is the most secure environment in which to run programs, since a User cannot affect the operating system or program files.

Users Can:

  • Create, modify, and delete their own data files
  • Run system-wide or personally installed applications
  • Change their personal settings
  • Install programs for their own use only
  • Access the network
  • Print to local or networked printers
  • Do anything a Guest can
  • Users Cannot:
  • Modify system-wide settings, operating system files, or program files
  • Affect other users' data or desktop settings
  • Install applications that can be run by other users
  • Add printers
  • Configure the system for file sharing

Guests

The Guests group grants limited access to occasional or one-time users. Once a Guest logs out, all files created by the guest is deleted.

Guests Can:

  • Log in and out
  • Run installed applications
  • Navigate through the file system
  • Shut down the system

Guests Cannot:

  • Do anything else.

 top How to Add Account top

  1. Right click My Computer
  2. Select Manage
  3. Expand Local Users and Groups
  4. Right click Users
  5. Select New User...
  6. Type in required information
  7. Click Create

To change membership of the user

  1. Right click user name
  2. Select Properties
  3. Select Member Of
  4. Add groups as desired
  5. Click OK

 top How to Reset the Password top

To reset password for your account

  1. Log onto the system where you want to change the password.
  2. Press Ctrl-Alt-Del to bring up the Windows Security dialogue box.
  3. Click the "Change Password..." button (bottom left in that window).
  4. Verify the correct Username in the first field. 
  5. Verify the account (whether a Domain account, or local computer account) in the second field.
  6. Enter the old (current) password for the account in the third field.
  7. Enter in the new password (to use from now on) in the fourth field, and again in the fifth to help rule out typing errors.
  8. Click OK to finish and change the password.
  9. Click OK to acknowledge the message that the password was changed.
  10. Press the Esc button, or click Cancel to return to the Windows 2000 desktop.

To reset password for any account

  1. Right click My Computer
  2. Select Manage
  3. Expand Local Users and Groups
  4. Select Users
  5. Right click user's account in the right pane.
  6. Select set Password
  7. Type in new password, confirm password
  8. Click OK

 top Passwords top

Passwords are used to protect computer systems and the data that they contain. A computer user may use several passwords to protect several different aspects of his or her computer. Access to a network, e-mail access, Internet access, database access, and even access to the computer itself may be controlled by a password. Therefore, it is not surprising that all of these passwords may cause some confusion.

When a password fails to work, it is important to first be sure that the password has been entered proper correctly. Passwords are usually, but not always entered in all lower case letters, and may contain numbers as well. The two most common causes for password failure are accidental activation of the keyboard’s Caps Lock (Capital Lock) function and deactivation of the Num Lock (Number Lock) function for the numeric keypad. Indicator lights on the keyboard, usually in the upper right corner, indicate the status of these functions. When the light is on, the function is active. Another common cause of password failure is the use of the wrong password. More than one password may be used on a computer to protect multiple applications. It is important to be sure that the password being used is the right one for the application in question.

Passwords are intended to protect your information. Posting passwords in an obvious place, such as on the computer’s monitor compromises the your computer’s security. Passwords should be written down and kept hidden in a safe place.

Good passwords contain both upper and lower case letters, as well as a special character (such as # or ; or -), and numbers.

Some simple guidelines that will help you choose better passwords are:

  • A password should be a minimum of eight characters long.
  • Try to include some form of punctuation or digit.
  • Use mixed case passwords if possible.
  • Choose a phrase or a combination of words, that make the password easier to remember.
  • Do not use a word that can be found in any dictionary (including foreign language dictionaries).
  • Do not use a keyboard pattern such as qwertyui or oeuidhtn (look at a Dvorak keyboard).
  • Do not repeat any character more than once in a row like zzzzzzzz.
  • Do not use all punctuation, all digit or all alphabetic.
  • Do not use things that can be easily determined such as:
    • Phone numbers.
    • Car registration.
    • Friends' or relatives' names.
    • Your name or employment details.
    • Any Date.
  • Never use your account name as its password.
  • Use different passwords for each machine.
  • Change the password regularly and do not reuse passwords.
  • Do not append or prepend a digit or punctuation mark to a word.
  • Do not reverse words.
  • Do not replace letters with similar looking numbers. For instance, all of the letters i should not be blindly replaced replaced by the digit 1.

Under Windows 2000, multiple accounts may exist. Each account should have a password that allows access to the Windows operating system in that account.

 

 
Georgia Southwestern State University, 800 Wheatley Street, Americus, GA 31709