WinSecWiki > Security Settings > Local Policies > Security Options > Accounts > Limit local account use of blank passwords

Accounts: Limit local account use of blank passwords

As the name implies, this policy only has effect on local SAM accounts; it does prevent domain accounts with blank passwords from logging on.

This is a useful fail-safe against local SAM accounts with blank passwords. When enabled, you cannot logon via Remote Desktop or with a network connection (such as to a shared folder) with a local account that has a blank password.

Bottom line

Enable this but remember that best practice is to avoid the use of local accounts to begin with.

Back to top

 

Additional Resources