ArtsAutosBooksBusinessEducationEntertainmentFamilyFashionFoodGamesGenderHealthHolidaysHomeHubPagesPersonal FinancePetsPoliticsReligionSportsTechnologyTravel

3 common home PC security flaws

Updated on May 16, 2013

3 common home PC security flaws

There are a great many ways to secure your personal PC. The most obvious include firewalls and anti virus, but there are three security flaws that are often left open to malicious intent.

This hub will investigate 3 ways in which your home computer might well be insecure. The hub is aimed for non computer professionals, that purchased their computer with the OS already installed.

Reset password with Computer Manager

  • Open Computer Manager
  • Navigate to the Local Users and Groups node, and select 'Users'.
  • You should see a list of all of the user accounts on your computer.
  • Right-click on the account called 'Administrator'
  • Select 'Set Password...'
  • Enter a password for the account

The Administrator Password

When you install Windows, an Account is created called 'Administrator'. This account is not available to you via the normal user selection screen, so you may not know that it exists. This account has complete admin control over your PC, all of your programs, and all of your files. Should a child, guest or hacker take control of this account, your computer could be in trouble.

Setting an Administrator password is very simple, and can be done from your normal user account assuming it has admin rights. I would personally recommend that you should make your normal account, a user rather than an administrator. But this can be annoying when you want to install programs etc.

When logged into an account with administrator permissions you can reset the password for the Administrator account easily. On your desktop (or in your Start menu) you should have an icon for 'My Computer'. Right click on this shortcut, and select 'manage' from the menu. This will open the Computer Manager tool.



The BIOS Password

When you turn on your computer, before windows starts loading, your computer is being controlled by the Basic Input Output System (BIOS). The BIOS is actually a chip, on the motherboard in your computer.

Different manafacturers of motherboards, use different BIOS's so it is impossible to write a guide that will deal with all of them. However, every BIOS has the same basic set of functions and comes, by default, without a password set.

A remote hacker is highly unlikely to find a way to access your BIOS. But your children could quite easily access the tool and change something. If the wrong thing is changed, and you have no idea what it was, then you may well need to call out an expensive computer repair man.

When you first turn on your computer, it goes through a selection of checks. You may see a black screen with lots of changing text, or you may wait at a splash screen for a while, while the checks occur in the background.

At some point, a message along the lines of "Press F12 to enter Setup" will appear. Different BIOS's use different keys to access them. F12 seems to be one of the most common, I have also had a few PCs that asked you to press 'delete'. What ever your access key is, pressing it at the right time will load the BIOS setup utility.

In order to secure your BIOS, restart your PC, and press the appropriate access key. Use the mouse to navigate through the various pages, until you find the setting controlling the admin password. Change the password, navigate through the pages until you find the save option, and then save the new setting.

You can also set a boot or user password in the same place. Unless you have reason to do this, I would not set this password. If you do so, you will have to enter a password every time you turn on your computer. The BIOS password is only needed, when loading the BIOS setup utility.

Wireless Encryption

Wireless home networks are starting to become the norm. By default most wireless routers and access points will not be encrypted. This is often even the case with wireless routers provided by your ISP, although that does seem to be getting better (at least here in the UK).

When you use your wireless network, information is sent through the air, a neighbour or just a random person parked outside your house with a laptop, will be able to use software that captures the information your wireless network is sending. This same person could also connect freely to your unsecured wireless network, and use your Internet connection, or even hack your computer.

Unfortunately, the various editions of windows, and the various makes of routers and access points, all have different ways of configuring a wireless network. This article cannot cover the full spectrum, so will try to underline the core fundamentals.

Your wireless router has a web server on it. If you go to that web server using your browser, you can manage the hardware. To do this, you will first need to establish the IP address for the wireless device. Assuming your wireless device is also your modem, finding the IP address should be very simple.

Click the Start button and select the 'Run...' option. Type the command cmd and press enter, this will open a black Command Prompt. In the command prompt type the following, and then press enter.

ipconfig /all

This will bring up all kinds of information about your network devices. You are looking for the IP address listed as 'Default Gateway'. Type this IP address into your browser, and you will load the admin web page for your wireless router.

You will need to know the default username and password for the wireless device. These tend to be common for different manufacturers, so if you cannot find your manual, the username and password for default admin account for the hardware, should be reasonably easily to find using google. Once you have logged into the router you should change the password for the admin account.

Hunting through the options, you should find settings that relate to Wireless Security. There are several versions of encryption available, the most common being WEP, WPA and WPA2.

Wired Equivalent Privacy (WEP) - WEP is the first major protocol implemented for encryption. It is the least secure, and can be cracked by various bits of malicious software, but it is much better than no encryption at all.

Wi-Fi Protected Access (WPA) - WPA is a more secure encryption than WEP, and should be selected if you have the option.

Wi-Fi Protected Access 2 (WPA2) - WPA2 is currently the most secure method of wireless encryption. Your router may have two modes; WPA with Radius Server and WPA with Pre Shared Key (PSK). As you are unlikely to have a Radius server, you will want to select the other option.

All of these encryption options will generate a key that will be required to connect to your wireless network, or to read the contents of the data sent over the network.

When you save the new security settings you will lose access to the router and your wireless network. If you have managed to do this without making a note of your key, then connect your PC to the router via an ethernet cable, and load the web page as before.

Assuming you have not done it wrong, view the list of available wireless network. Yours should be listed as a secured network, but your previous connection will not work. You will need to delete the original saved connection, and then try to connect again. Enter the wireless key when requested, and your network will now be secure.

Comments

    0 of 8192 characters used
    Post Comment

    No comments yet.

    working

    This website uses cookies

    As a user in the EEA, your approval is needed on a few things. To provide a better website experience, hubpages.com uses cookies (and other similar technologies) and may collect, process, and share personal data. Please choose which areas of our service you consent to our doing so.

    For more information on managing or withdrawing consents and how we handle data, visit our Privacy Policy at: https://hubpages.com/privacy-policy#gdpr

    Show Details
    Necessary
    HubPages Device IDThis is used to identify particular browsers or devices when the access the service, and is used for security reasons.
    LoginThis is necessary to sign in to the HubPages Service.
    Google RecaptchaThis is used to prevent bots and spam. (Privacy Policy)
    AkismetThis is used to detect comment spam. (Privacy Policy)
    HubPages Google AnalyticsThis is used to provide data on traffic to our website, all personally identifyable data is anonymized. (Privacy Policy)
    HubPages Traffic PixelThis is used to collect data on traffic to articles and other pages on our site. Unless you are signed in to a HubPages account, all personally identifiable information is anonymized.
    Amazon Web ServicesThis is a cloud services platform that we used to host our service. (Privacy Policy)
    CloudflareThis is a cloud CDN service that we use to efficiently deliver files required for our service to operate such as javascript, cascading style sheets, images, and videos. (Privacy Policy)
    Google Hosted LibrariesJavascript software libraries such as jQuery are loaded at endpoints on the googleapis.com or gstatic.com domains, for performance and efficiency reasons. (Privacy Policy)
    Features
    Google Custom SearchThis is feature allows you to search the site. (Privacy Policy)
    Google MapsSome articles have Google Maps embedded in them. (Privacy Policy)
    Google ChartsThis is used to display charts and graphs on articles and the author center. (Privacy Policy)
    Google AdSense Host APIThis service allows you to sign up for or associate a Google AdSense account with HubPages, so that you can earn money from ads on your articles. No data is shared unless you engage with this feature. (Privacy Policy)
    Google YouTubeSome articles have YouTube videos embedded in them. (Privacy Policy)
    VimeoSome articles have Vimeo videos embedded in them. (Privacy Policy)
    PaypalThis is used for a registered author who enrolls in the HubPages Earnings program and requests to be paid via PayPal. No data is shared with Paypal unless you engage with this feature. (Privacy Policy)
    Facebook LoginYou can use this to streamline signing up for, or signing in to your Hubpages account. No data is shared with Facebook unless you engage with this feature. (Privacy Policy)
    MavenThis supports the Maven widget and search functionality. (Privacy Policy)
    Marketing
    Google AdSenseThis is an ad network. (Privacy Policy)
    Google DoubleClickGoogle provides ad serving technology and runs an ad network. (Privacy Policy)
    Index ExchangeThis is an ad network. (Privacy Policy)
    SovrnThis is an ad network. (Privacy Policy)
    Facebook AdsThis is an ad network. (Privacy Policy)
    Amazon Unified Ad MarketplaceThis is an ad network. (Privacy Policy)
    AppNexusThis is an ad network. (Privacy Policy)
    OpenxThis is an ad network. (Privacy Policy)
    Rubicon ProjectThis is an ad network. (Privacy Policy)
    TripleLiftThis is an ad network. (Privacy Policy)
    Say MediaWe partner with Say Media to deliver ad campaigns on our sites. (Privacy Policy)
    Remarketing PixelsWe may use remarketing pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to advertise the HubPages Service to people that have visited our sites.
    Conversion Tracking PixelsWe may use conversion tracking pixels from advertising networks such as Google AdWords, Bing Ads, and Facebook in order to identify when an advertisement has successfully resulted in the desired action, such as signing up for the HubPages Service or publishing an article on the HubPages Service.
    Statistics
    Author Google AnalyticsThis is used to provide traffic data and reports to the authors of articles on the HubPages Service. (Privacy Policy)
    ComscoreComScore is a media measurement and analytics company providing marketing data and analytics to enterprises, media and advertising agencies, and publishers. Non-consent will result in ComScore only processing obfuscated personal data. (Privacy Policy)
    Amazon Tracking PixelSome articles display amazon products as part of the Amazon Affiliate program, this pixel provides traffic statistics for those products (Privacy Policy)