Educating users

  • Article

Teaching users about strong passwords, e-mail attachments, locking their computers, and other security measures helps protect your system. Create and distribute a security policy, and make sure users follow it.

Recommended security procedures for users

  • Always use strong passwords. A good password contains a combination of the following:
    • Uppercase letters (A through Z).
    • Lowercase letters (a through z).
    • Numbers (0 through 9).
    • Special characters (such as punctuation marks).
    • At least 8 characters (more is better).
  • Never share passwords.
  • Use a different password for each user account.
  • Change your password immediately if you think someone might know it. For more information, see Reset a user's password.
  • It is recommended that you avoid automatically saving passwords. For example, some dialog boxes, such as those for remote access, have an option for saving or remembering a password so that you do not have to retype it each time you log on. Selecting this option poses a potential security threat.
  • Do not leave your workstation unattended and accessible. Always lock your computer when leaving your workstation, and set a screen saver to lock your computer after a specified number of minutes of inactivity.
  • Do not download programs from sources that you do not trust. Malicious programs might contain instructions on how to violate security in a number of ways, including data theft, denial of service, and data destruction. These malicious programs often masquerade as legitimate software and can be difficult to identify. To avoid accessing these programs, only download software from a trusted source. Also ensure that a current virus scanner is installed and functioning in case this type of program inadvertently is downloaded to your computer.
  • Do not open e-mail attachments from unknown sources.
  • Disable macros when opening a document from an unknown source.
  • Always assign permissions to shared files and folders. For more information, see "Best Practices for Shared Folders" at the Microsoft Web site (https://go.microsoft.com/fwlink/?LinkID=53403).

See Also

Concepts

Configuring password policies