Overview
This lecture covers how to manage user passwords on a computer for security, focusing on both graphical and command-line methods.
Importance of Passwords
- Passwords secure user accounts, ensuring only the owner can access their account.
- Administrators should not know users' passwords; users should set their own.
Resetting Passwords via GUI
- To force a user to change their password at next logon, right-click their account in Computer Management, select Properties, and check "User must change password at next logon".
- If a user forgets their password, admins can manually set a new one, but this may cause loss of certain credentials.
Changing Passwords with PowerShell and net Command
- The DOS-style
net command can change local user passwords: net user <username> <password>.
- Using
net user <username> * prompts for a password input without displaying it on the screen.
- Avoid typing passwords directly into commands to prevent exposure to onlookers or logs.*
Password Security Concerns
- Typing a password directly in the command line exposes it to anyone watching or to system logs.
- Using the asterisk approach while changing another user's password reveals their new password to the admin, which is not ideal.
Forcing Password Change at Next Logon (Command Line)
- Use
net user <username> /logonpasswordchg:yes to require a user to change their password at next login.
- This method improves security as the admin does not need to know the user's actual password.
Key Terms & Definitions
- Password — a secret string that protects a user account from unauthorized access.
- GUI (Graphical User Interface) — a visual way to interact with the computer, as opposed to the command line.
- net command — a DOS-style command-line utility for managing users and passwords.
- /logonpasswordchg:yes — a net command parameter that forces the user to change their password at next login.
Action Items / Next Steps
- Practice resetting and forcing password changes using both GUI and net command methods.