Windows Vista is susceptible to password cracking as every other system. It is therefore required to take steps to prevent this from occuring on your system or network so that security is kept locked down. A user who gains access to the system can cause damage and gain access to documents they should not be looking at or intercept communications between your users.
There are a few ways in which this is accomplished:
1) Guessing your passwords: Someone could gain access to the system simply by guessing passwords, which is why it is a good idea to not let others see what username you are using so it is another step harder to break into the system. You shoud therefore change guest account or diable them completely as this can be easy access as well as change the name of the administrator account to something that would not be obvious to a passwod cracker.
2) Following on to guessing passwords is brute force attacks against your login system. This is done by systematically guessing your passwords until the correct password has been found. The cracker is therefore able to continuously check whether the correct passwiord has been found and can do so much quicker than manually finding out the password. This method uses dictionary words as well as simply going through every word combinaion and even including numbers in the password howeevr the more sophisticated the atack is, the longer it will take. That is why words from the dictionary are not advisable as your passwords and it is always good to follow Microsofts reccomendations on what sort of passwords to choose for your accounts. In order to combat these attacks however, you can cvhoose a secure password polic such as locking out accounts after a small amount of attempts or requring password changes frequently.
3) Another way to find out your passwords is to either view a user typing it into the computer or to sift through documents in search of a list the user may have written by hand left in a drawer on on top of a desk. Some sers may even have a post it note on their monitor containing thier password or passwords which is a great threat to security. Physical access to the computers and network should be monitored by never allowing unauthorised users to get to the network rooms. If a user is allowed access to resources they should have access to they could also install key logging tools which allows them to intercept passwords or other data very easily and even have this information sent directly to them via email or other forms of communication. This is a problem that trojans and other forms of malware cause and can be very useful for the cracking in spying on the users and then gaining access to the system.
