Navigation


Content

Tip: keyboard shortcut Ctrl+F searches in the page contents.

Securing Windows

How to make Windows XP, Vista, 7, 8 and 8.1 more secure for free

By . Last modified: 2013-09-19.

Good security keeps Microsoft Windows running well. By default, many configurations are already set correctly in Windows, but it is always best to double-check and enhance some points.

Follow these steps to keep Windows and installed applications secure:

Also, do not forget to:

  • Install one free and effective anti-virus program - this will kick out most malware. Windows 8 and 8.1 already have the improved Windows Defender that is much like the free Microsoft Security Essentials, so additional virus protection is not always necessary there.
  • Install one or more effective and free anti-malware programs - to remove some really nasty malware that anti-virus software fails to detect or remove.
  • Use other free security software - WOT Safe Surfing Tool to block malicious web pages and downloads, Secunia PSI to update non-Microsoft programs automatically, Trusteer Rapport to avoid losing your money and sensitive information through banking malware or phishing, and Microsoft EMET to protect from malware that misuses zero-day bugs.
  • Configure your web browsers and applications properly - this will avoid information leakage and malware installations.

Windows Professional, Business and Ultimate users should also set a good Local Security Policy to enhance account security and start logging important events.

And then there's the little thing that everyone just keeps forgetting - set up automatic backups to be on safe side in case something goes wrong. Smile

Data Security section has some additional security tutorials that help in making Microsoft Windows even more secure:
  • NTFS permissions in Windows - how to set file and folder access rights to keep sensitive information safe.
  • Encrypting File System in Windows - how to encrypt and decrypt files and folders in Professional/Business and Ultimate/Enterprise editions of Windows.
  • TrueCrypt - how to use free top-notch encryption software to encrypt full system drives or create encrypted containers for files and folders. This one works in all Windows XP, Vista, 7 and 8 editions.

About physical security

While you can secure programs and file systems, you should never forget to enhance physical security of your Windows computer.

For devices that contain sensitive data, using a startup (BIOS or UEFI) password is strongly recommended. The Computer boot order article shows how to get into BIOS/UEFI; find password settings there and define a new password. To prevent unauthorized access, this passphrase will then be asked each time you turn on or restart your computer.

If your computer has several users or you use it in an environment where other people have physical access to it, you should always lock screen before leaving your PC. The easiest way to accomplish this is to use keyboard shortcut Windows Key+L. Other users can still log on with their own accounts thanks to User Account Switching, but they will have no access to your account and files.
In Windows 8 and 8.1, you can choose which apps display notifications and status updates on Lock screen.

To make your account and personal data even more secure, I strongly recommend enabling automatic screen locking in Windows - this will minimize the chance of unauthorized access even when you forget to lock your screen.

To turn on automatic screen lock, right-click on an empty area of Desktop.
In Windows XP, click Properties.
In Windows Vista, 7, 8 and 8.1, click Personalize.
Windows XP Desktop. To enable automatic screen lock, right-click on Desktop area and click Properties. Windows 7 Desktop, right-click menu. To turn on automatic screen locking, right-click on Desktop area and click Personalize.

In Windows XP, open Screen Saver tab of Display Properties window.
In Windows Vista and later, click Screen Saver in Personalize appearance and sounds or Change the visuals and sounds on your computer window. This will open Screen Saver Settings window.
Windows Vista, Personalize appearance and sounds. Click Screen Saver. Windows 8, Change the visuals and sounds on your computer. Click Screen Saver.

Select your favorite screen saver. In Windows Vista and later, you do not really have to choose one, but in Windows XP you must make a selection in order to enable screen locking. Use Blank to minimize CPU usage while screen saver is active.
Next, specify screen saver timeout (5-10 minutes recommended) in the Wait field and enable the On resume, display Welcome screen (Windows XP only) or On resume, display logon screen option.
Windows XP, Display Properties, Screen Saver tab. Select a screen saver, specify Wait time and enable the 'On resume, display Welcome screen' option to turn on automatic screen locking. Windows Vista, Screen Saver Settings. Select a screen saver, specify Wait time and enable the 'On resume, display logon screen' option to turn on automatic screen locking.

Click OK to close configuration windows, automatic screen lock is now active.

Privacy settings in Windows 8 and 8.1

Windows 8 and 8.1 allow Modern UI (aka Metro) apps to access and store location information. This can be helpful while using the new Maps or Weather applications, but not so good for social networking (People and Messaging apps). You should not reveal your location to everyone, for this can be misused by cybercrooks or ill-intended people (stalking, identity theft, even robberies).

First, you can turn off location tracking in each application - just use keyboard shortcut Windows Key+I to open current app settings and click Permissions. Then click Location slider in Privacy section to prevent its access to location data.
Touch-screen users should first swipe in from the right edge of screen and tap Settings.
Windows 8, Weather, Settings Charm. Click Permissions.Windows 8, Weather, Settings Charm, Permissions. Click Location to turn geolocation off.

Second, you can disable location tracking completely for all apps and programs. Again, use keyboard shortcut Windows Key+I to open Settings Charm. Click Change PC settings in the bottom of the bar.
In Windows 8, open Privacy tab from the left and set the Let apps use my location slider to Off.
Also, make sure that the Let apps use my name and account picture slider is set to Off to prevent possible personal information leaks.
Windows 8, Settings Charm. To modify Windows options, click Change PC settings. Windows 8, PC Settings, Privacy. To disable geolocation, click the 'Let apps use my location' slider to turn the option off.

In Windows 8.1, Privacy tab has several subtabs. In General tab, make sure that the Let apps access my name, picture and other account info is set to Off to keep away possible PII (personally identifiable information) leaks.
Also, disable the Let apps use my advertising ID for experiences across apps option to minimize tracking possibilities.
Windows 8.1, PC Settings, Privacy, General. Turn off 'Let apps access my name, picture and other account info'  and 'Let apps use my advertising ID for experiences across apps' options.

Open Location tab. To disable geolocation/location tracking completely, turn the Let Windows and apps use my location slider to Off position. You can also disable the feature for individual Modern UI apps here, so you do not have to open and configure each app separately in Windows 8.1 anymore.
Webcam and Microphone tabs provide the same options. Because webcams and microphones can be misused for spying on people (including in sexual manner for young attractive women and men, mostly through malware), it is strongly recommended to disable access to these devices if you do not use them.
Better yet, cover your built-in webcams with a Post-It note or sticky non-transparent tape. Modern malware is well capable of turning off recording indicator lights while uploading live feed to servers set up by cybercrooks.
Windows 8.1, PC Settings, Privacy, Location. Turn off 'Let Windows and apps use my location' option.

Now Windows 8 and 8.1 apps state that location tracking is globally disabled - see the "Apps cannot currently use your location. Go to PC settings to turn location on" message.
Windows 8, Weather, Settings Charm, Permissions. 'Apps cannot currently use your location. Go to PC settings to turn location on' means that geolocation has been disabled.

Please support winhelp.us:
No PayPal account required!

 Comments? Suggestions? Ideas? Let me know! 
Your name (public):
Your e-mail (will not be displayed):
Title:
Notify me of new comments to this item: (send e-mail to info[at]winhelp.us to stop receiving)
Your comments/suggestions/ideas (no HTML code!)
winhelp.us owners reserve the right to remove or not publish comments that they find unacceptable because of strong language, inappropriate contents, advertising or spamming.
winhelp.us Privacy Policy.
This is a captcha-picture. It is used to prevent mass-access by robots. (see: www.captcha.net)
Share: Facebook Google+ Twitter LinkedIn StumbleUpon Pinterest E-mail

Browser and plugin check Google Custom Search Donate to keep this site running