Windows Security Tips

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
is your system secure now before you answer that question you should probably watch this video stay tuned [Music] now we all know that security is a very important aspect of life and the security of your Windows PC is mostly reliant on you just like it is in most cases many people believe that since they pay for an antivirus that's all they need to be secure unfortunately that's simply not the case I typically tell people that when it comes to your security your antivirus makes up about 10 percent and the other 90 percent comes from Best Practices by Best Practices I need not only how you configure your computer but how you interact on and off your computer believe it or not a lot of security issues can be avoided by simply knowing what not to do so then without wasting any more time let's jump on the computer and I'll show you okay so the first thing that we're going to look at today is I think one of the most basic rules in keeping your computer secure and that's your account itself if you click on start go into settings right here go into accounts you'll see that I'm using a local account now personally I think local accounts are the most secure especially when it comes to your data Integrity because here's the problem Microsoft accounts will synchronize your data using OneDrive between multiple computers so if you have more than one computer your personal information could be on several different computers and if that happens if you have your notebook and you're out in public and someone steals it well then they have all your data too so I believe it's really important from a security standpoint to use a local account instead of a Microsoft account and now with that said you can see that I'm actually using an administrator account in this one I'm going to go ahead and close this we're going to jump into control panel real quick and I want to show you something if we go into control panel here and we go into user accounts and then from user account we're going to go into change account type and from change account type you have the option to either go standard user or administrator now it could provide you with more security if you use a standard user account within Windows because anytime that any kind of administrator function needs to happen you'll actually have to enter an administrator password in order to do that now it is annoying it does make things work a little bit differently and that's why I typically use an administrator account however if you have a user on your system that you really don't want to be messing around with settings and installing programs and things of that nature then it's a really good idea to have them be a standard account so that whenever anything needs to be changed they need your password in order to do it now depending on whether or not you choose to run an admin account or a standard account one thing that should remain the same in both cases is UAC which stands for user account control user account control is simply Windows notifying you when changes are being made to your computer it's those annoying pop-ups that always ask you if you're sure you want to do the thing that you're doing many people are tempted to disable this because they don't want to see pop-ups all the time however I would reconsider doing this because UAC really does make your system more secure now if you choose to run as a standard account instead of an administrator account then UAC will not allow changes to be made to your computer without an administrator password however even if you're using an administrator account UAC will still give you the prompt when changes are going to be made to the system it just doesn't require a password that is if it's configured correctly for that let's jump back on the computer and I'll show you some options you have okay so in order to set up UAC what we're going to do is click on the start menu and just type UAC and you'll see user account control settings right here now as you can see with mine I'm on the second Notch right here typically this is the default now the reason why I lower mine down a little bit is I'll show you right now if you click on start and you click OK it gives you the user account control box well the fact that you can see that is the reason why I use the second one instead of the third one see I'm going to go ahead and hit yes now I'm going to go back into UAC and from here I'm going to flip it back down to the second one now when I hit OK here as you can see the screen goes black now this is due to my video capture right here so once I agree and hit yes to the user account control you can see the screen again so the reason why I do this is just to make screen recordings come out better because it's nice to let you guys see the user account control screen however I don't recommend changing this on a normal basis for a regular system and in all of my other installs of Windows I always use it at default value now if you want you can turn this all the way up however on this case I think this is a little extreme I think keeping it at default right here which is the third from the bottom usually works pretty well okay so now that we went over that this next one might be a little bit controversial and that's passwords obviously if you want your windows account to be secure it needs to be password protected that's kind of obvious however I tend to go a little Against the Grain on this topic many people claim that the most secure passwords are the most complicated passwords and honestly to a certain extent that's true however that's not taking into account one major variable that variable is the ability for a person to remember the password I mean you can have the most complicated password in the world but if you have to write it down and put it on a sticky note under your keyboard then you might as well not have a password at all I know a lot of people are going to disagree with me on this topic however I believe complicated passwords are inherently insecure because they require a user to write them down I think that a great alternative to complicated passwords is nonsense statements you'll find these a lot of times on Netgear routers as the default wireless password like Pelican umbrella 24. you could even use a password like blue sleeps polyester at midnight I think this is much more secure than the common password rules that you see many websites enforcing by using a nonsense statement it protects against dictionary attacks because a lot of these words don't commonly go together and it's easier to remember so you don't have to write it down ultimately when it comes to passwords as long as you have a unique and strong password for your email and a different one for each of your financial institutions you can pretty much do whatever you want with everything else whatever you do don't use the same password for everything all it takes is some obscure website that you sign up for afford to get hacked and that hacker has your password for everything and keep in mind a lot of the time your username is your email address and if you've used the same password as you did for your email then the hacker just got access to your email account now let's jump on the computer and I'll show you how to set up a password in Windows okay so passwords are pretty easy to set up essentially all you do is click on start go into settings and then from settings you're going to want to go into accounts and then you're going to want to go into sign in options now if you're not using a Microsoft account a lot of these aren't going to be available to you like anything with Windows hello isn't going to work you're essentially going to have security key or password that's it and you can set up a security key if you want but I would just recommend setting up a password so if you click on password go ahead and click on ADD and then you just create your new password just like that now one aspect of security that I think a lot of people don't think about is physical access everything we've talked about so far and everything that we're going to talk about later in this video is very important but it means absolutely nothing if someone has physical access to your computer I mean if someone with a little bit of knowledge is sitting in front of your computer the things that you've done to secure it mean very little I have people call me all the time who have lost a loved one and after the Smoke Clears they want to get access to their computer there's very few instances where I can't get access to that computer within a couple of minutes passwords mean nothing if you can simply clear the password from an offline tool I can typically even convert a Microsoft account to a local account and then clear its password in fact there's really only one instance where I can't get access to the computer and that systems that use BitLocker this is Microsoft's built-in hard drive encryption and when Windows 10 and 11 Pro unfortunately this doesn't apply to you guys running Windows home edition however once I give you my opinion you'll see that you're not missing out on that much and you know what here's the thing yes using BitLocker will make your system more secure like I said before I can't get around BitLocker unfortunately in many cases that goes for you too there's been a practice that Microsoft has been doing lately where they automatically enable BitLocker in Windows 1011 Pro when you sign in with a Microsoft account and you know what I get why Microsoft's doing it it makes the system more secure unfortunately there have been several times that I've seen customers themselves get locked out of their system and there's really nothing I can do about it if they're locked out of their Microsoft account then they can't get their backup encryption key for BitLocker and the data on the drive is unrecoverable now I've only seen this happen about a half dozen times but every time has been very fortunate because the people have data on the drive that they need in those cases the only recourse we had was to reload Windows and simply lose the data so unless you really know what you're doing and you understand the implications I would avoid BitLocker if you do use it then make sure you have a good backup just in case now moving on we need to jump back on the computer for the next one okay this next one is kind of a bizarre one but if you click on start and you go into create a restore point system restore has been something that Windows has had since Windows me and for some reason Microsoft has disabled the ability to create automatic restore points in system restore and I have no idea why they've done it but I'm going to show you how to reverse that because it's a really good idea to have automatic system restore points so to do this first thing you need to do is with your system properties open in system restore here you want to go into configure and you want to make sure it's checked to turn on system protection and then once you do that you want to give it a little bit of space too I'm giving mine 30 but that's because this is a test computer and I use system restore a lot on this computer in order to make videos you don't need to have it on thirty percent usually it's between three to five percent is what the default typically is now once you have this set you go ahead and hit OK and then close this and there's one more setting that we need to make and this one one's going to be in the registry so to do that you click on the start button open reg edit and then from here hit yes and then once it opens up where you're going to want to go is local machine and then software and then from software you want to go down to Microsoft and then you want to go to Windows NT and you're gonna have to scroll down a little bit for this one it's all in alphabetical order so just scroll down to the W's and then once you get that go to Windows NT here and then you want to go to current version and then from there you want to go to system restore so scroll down until you find system restore and here's system restore right here and then from here we want to create a new d word value and for that we right click go new we're going to hit d word 32-bit and then you're going to want to name this right here system restore point creation frequency and then go ahead and hit enter go ahead and copy that off the screen I'm going to have it on the screen right here to make it a little bit easier to copy and then go ahead and open this d word value up and you're going to want to verify that it's set to zero and once you do that go ahead and hit OK and then your system should create system restore points automatically from this point forward okay so the next one that we need to look at today I think many people put entirely too much trust in and that's your antivirus program I don't recommend people go without an antivirus program because it's nice to have a final line of defense just in case everything else you do fails however you shouldn't rely on your antivirus as your only means of security just consider your antivirus and insurance policy when you get homeowners insurance you don't start letting the kids play with matches but in the event that an accident happens hopefully your insurance will kick in also on that subject I don't recommend using retail antiviruses I personally believe that they're inherently insecure because they stop working if you don't renew your subscription trust me I see a lot of people using expired antiviruses I typically just recommend people use Windows security I get computers in my shop running every antivirus available on a pretty regular basis so no one antibi virus is more secure than another so you might as well use the one that's free and comes with Windows and save yourself some money and you know what though while we're on the topic of software another very important part of security is keeping your software up to date this not only goes for the programs that you use but for Windows itself software developers are not perfect they make mistakes just like everyone else sometimes these mistakes lead to major security vulnerabilities and you know as these security vulnerabilities are discovered they need to be patched the way you do that is by keeping your software up to date this means not disabling Windows update I know a lot of people get annoyed with how often their computer wants to update now I get it it can get annoying at times however Windows has been doing a much better job of this when it comes to Windows update it's okay to wait on feature updates but it's not okay to wait on security updates and that's because you have have no idea how long a security vulnerability has been known about before the security update was even released it could have been years so it's extremely important to install security updates as soon as possible the next topic I want to cover is DNS servers DNS stands for domain name system when you enter a website address into your browser your computer has no idea what that address name is that's where DNS comes in your computer makes a request to your DNS server to get an IP address to the domain that you're requesting the DNS server responds with the IP address that your computer can use to go to the website now the way this relates to security is that DNS servers can protect you from malicious websites many organizations provide free DNS services and they also keep a list of known malicious websites when your computer requests an IP address to one of those malicious websites then the DNS server can redirect your computer to a website warning you about the malicious website you're trying to go to now there's many different options available for DNS servers a few that I recommend are open DNS and Google Google is probably the best when it comes to filtering malicious websites but it's also the most intrusive when it comes to violating people's privacy open DNS on the other hand is very configurable and allows you to filter more than just malicious websites you can filter websites by category or the domain name itself so let's jump on the computer and I'll show you how to configure your DNS settings in Windows all right so to do this we're going to have to go into control panel here so go ahead and close whatever you have open we're going to click on the start button and type in control panel go ahead and open it from the list here we're going to go to network and internet Network and Sharing Center and then from here we want to go to change adapter settings and then when we click on that here's the ethernet adapter on my computer so I'm going to go ahead and right click hit on properties and then from properties we want to go to Internet Protocol version 4 ipv4 and go ahead and hit properties and then from there on the bottom go ahead and say use the following DNS servers now if you use 8.8.8.8 and then 8.8.4.4 this here is the Google DNS servers and these are the ones that are probably going to have the best list of malicious websites but they it's completely unconfigurable if you want to use Open DNS then you'll have to go sign up for an account with open DNS and they'll give you the DNS addresses that you should use in place of these if you want to go that route and then from this point as soon as you hit OK it should change your DNS servers on your computer and if you want to verify that go ahead and close this and double click on your ethernet connection and then go down into the details button right here and if you click on that you'll see that your DNS servers are now 8.8.8.8 with the secondary is 8844 and it's also possible to set your DNS settings directly in your router so that every computer on your network automatically uses those DNS settings however you're going to have to refer to your router's documentation to do that on your specific router either way that's the way I recommend setting up your DNS rather than in Windows ultimately though it's a great idea to use an alternate DNS service not only will DNS requests be a lot faster than your isps DNS servers but you'll also have the added security of being able to filter malicious websites DNS servers can help to prevent things like phishing attacks as well as other domain-based attacks so when you go to that obscure website and you see the banner that says you're the millionth visitor you're actually not the millions visitor and you haven't won a prize but if you're using an alternative DNS service they'll probably block the link that you're about to click ultimately when it comes to securing your system the majority of the work has to be done in your head it comes down to teaching yourself what you should and shouldn't do you don't always have to rely on software and services to keep you safe because ultimately your system security comes down to the person behind the keyboard but with that said if you'd like to know how to set up your own DNS server at home then click on this video here where I show you how to set up a home DNS server from a Raspberry Pi using a project called pie hole you guys have a great day
Info
Channel: CyberCPU Tech
Views: 59,735
Rating: undefined out of 5
Keywords: secure windows 11, make windows 11 secure, windows 11 security guide, how to keep your windows 11 computer secure in 2022, how to secure windows 11 from hackers, windows 11 security settings, how do i make windows 11 secure and private, windows security settings, windows security settings windows 11, keep your computer secure, windows 11, security, settings, secure, pc security, computer security, windows 10, internet security, cyber security
Id: fcydKLBb4A8
Channel Id: undefined
Length: 18min 32sec (1112 seconds)
Published: Mon Nov 14 2022
Related Videos
Windows Privacy Setup
CyberCPU Tech
205K
Bad News For Windows Recall & How To Disable it
CyberCPU Tech
122K
The Anti-Virus Tier List
Chris Titus Tech
915K
Windows 11 24H2 is Going To Be A Huge Update!!
CyberCPU Tech
290K
Windows 10: End of Support! What You Need to Do Now
Licensing Lab
10K
How To Make Windows 11 Better
CyberCPU Tech
387K
Windows Security settings you must change ASAP!
Liron Segev
122K
Windows 10 Feature Updates and Extended Support
CyberCPU Tech
61K
Disable Windows Recall and Copilot+ on Windows 11
Britec09
21K
More People Want Windows 10!!
CyberCPU Tech
95K
The Ultimate Windows Hardening Guide For 2023
Ken Harris
4K
Don't buy an anti-virus - do THIS instead!
Liron Segev
1.9M
Windows 11 24H2 is WORSE THAN Windows 8 | RANT:30
Tek Syndicate
146K
Windows 11 Privacy Settings Tutorial
Kevin Stratvert
198K
Best Security Settings For Windows 11
Britec09
22K
Are You Tired Of Windows Spying On You?
CyberCPU Tech
92K
Online Privacy & Security 101: How To Actually Protect Yourself?
Wolfgang's Channel
220K
How to know if your PC is hacked? Suspicious Network Activity 101
The PC Security Channel
1.2M
The Slow Death of Windows
TechAltar
1M
The 7 Worst Operating Systems Ever
ThioJoe
1.8M
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.