Windows NT and Windows 2000 offer more secure and robust models to limit
access to files on your PC. WinNT and Windows 2000 limit access to the logon
prompt by requiring a user to first press the CTRL-ALT-DEL keys simultaneously.
Because it’s hard to re-create this sequence from a remote location, malicious
programs are restricted from logging on. Unlike Win9x, with WinNT and Windows 2000,
users cannot bypass the logon screen.
After entering your Username and Password, WinNT “investigates” you in the SAM (Security Accounts Manager). More robust than the Win9x .PWL files, the SAM maintains a list of each user’s permissions. It assigns a SID (Security ID) to you, valid only for this session; you receive a new SID each time you log on. The SID determines the permissions you have when attempting an operation and allows or denies access. To change a password, navigate to Start, Programs, Administrative Tools (Common), User Manager and select the appropriate account.
The logon prompt for Windows 2000 is similar, but instead of the SAM, Windows 2000 authenticates via certificates, or digital IDs that contain user data, permissions, and other information. At logon, Windows 2000 verifies the ID to access the appropriate certificate and hands you a ticket for your currnet session. Permissions and access to resources are based on what the ticket says. To change passwords in Windows 2000, go to Start, Settings, Control Panel, and Users And Passwords.
Windows NT and Windows 2000 offer file-level security (lets administrators set users’ rights to files on a file-by-file basis) to those using NTFS (NT File System). To set file permissions while logged in as Administrator, right-click the file (or folder) and select Sharing. In the window, select the Permissions tab and click the Permissions button. Add or remove users to grant or deny access and remove the Everyone group from having access. As the users to whom you have restricted (or granted) access log off and log on again, they will be subject to the defined access level.
Passwords give some security, but there are limitations on Windows 9x systems that don’t have System Policies installed. Windows NT and Windows 2000 offer better security but at higher costs both in money and administration.