This article used to be on one of my business sites, but I moved it here. Over the XP years, I noticed that so many clients and friends just didn't have very secure Windows XP setups. I created this page to help them have safer XP experiences.
I'm not a computer security expert by any means. I have some experience, but more importantly I have friends and colleagues who are experts. Working with them, I came up with this checklist.
Now the standard disclaimer: I accept no responsibility for anything you do or don't do to your own computer, and by implementing anything you see here on your computer, you accept full responsibility for your actions, inactions, or mistakes.
Now that that's over with, here's a checklist of how to create a safer XP experience.
(1) Use a limited user account in XP for daily use.
WHY:
Malicious programs cannot install themselves on your machine if you are using a Limited user account.
DETAILS:
Most people use an Admin user account with XP on a daily basis. But why? The only time you really need to do that is when you want to install, update, or remove a program.
HOW:
Start > Control Panel > User Accounts.
If you have an established Admin user account you use for daily use now, no problem.
First, create a new Admin account with a password. Write your password down and do not lose or forget it.
Next, go back to your old XP account, and change the account type to "Limited".
OTHER NOTES:
Some programs (such as Quickbooks) will only run under an admin account. If you have XP Pro, to run these under your Limited user account, right click them, choose "Run As", select your Admin account name and enter your password. If you have XP Home, go Start > Log Off > Switch User, and then switch to your Admin user account to run the program in question.
Microsoft was moronic for not adequately explaining this feature to the average user during setup - or having it actually be a required part of XP setup out of the box. It's akin to putting a deadbolt on your door, and then never locking it. For the millions of computer users that get a computer with XP pre-installed, they should have just made it so two accounts came pre-wired - one called "Install/Remove/Update Only Account" (Administrator), and one for daily use (Limited).
(2) Put a password on all your XP user accounts.
WHY:
So other people and programs can't access your files.
DETAILS:
You'd be surprised how many moms and dads, grandmas and grandpas don't put passwords on their user accounts. This opens up a lot of security holes (especially for Admin User accounts).
HOW:
Start > Control Panel > User Accounts.
Select your account, add a password.
(3) Use Firefox instead of Internet Explorer.
WHY:
Firefox is more secure than Internet Explorer.
DETAILS:
While Microsoft's Internet Explorer 7 is more secure than the abysmal Internet Explorer 6, Firefox is still a safer browser.
HOW:
Using an Admin user account, go to http://www.mozilla.com/en-US/firefox/, and install Firefox.
OTHER NOTES:
Once you install Firefox, make sure you actually use it for your daily web browsing.
You can still use IE7 every once in a while as your secondary browser, but Firefox should be the primary browser.
(4) Use Anti-Spyware and Anti-Phishing software.
WHY:
Because Spyware and Phishing programs are all over the web and your email, they can cripple your computer, and they can make your life hell.
DETAILS:
You might have antivirus software, but it probably doesn't do anything about spyware or phishing - two threats that come from web browsing and clicking on links in forged emails.
HOW:
Using an Admin User account, download and install the following programs (they're free):
SpywareBlaster - http://www.javacoolsoftware.com/spywareblaster.html - Helps prevent the installation of spyware and prevents access to known phishing web sites.
AdAware (free version) - http://lavasoft.com/products/ad_aware_free.php - Removes spyware from your machine.
OTHER NOTES:
Once you install these programs, open them, run updates, and then run them.
Once a month or so, update and run these programs from an Admin user account to remove current spyware.
Don't click on links in emails. It's a bad idea.
A paid product that has gotten decent reviews is SpywareDoctor, available at http://www.pctools.com/spyware-doctor/
(5) Turn on automatic updates.
WHY:
So your computer automatically applies all XP patches and security fixes.
DETAILS:
If you've got an updated version of XP, this should be on by default - but you should definitely make sure.
HOW:
Using an Admin User account:
Start > Control Panel > Automatic Updates
Turn it on.
(6) Use a Firewall.
WHY:
It's an extra layer of protection against outsiders trying to get into your computer.
DETAILS:
As a bare minimum, turn on the Windows Firewall. For more robust protection, use a decent third-party firewall.
HOW:
Using an Admin User account:
Start > Control Panel > Windows Firewall
Turn it on.
OTHER NOTES:
A decent third-party firewall is Comodo Firewall (http://www.personalfirewall.comodo.com/), which is free.
(7) Make sure you have antivirus software.
WHY:
Antivirus software helps prevent your machine from being crippled by viruses in email and on the web.
DETAILS:
Viruses typically come in the format of attachments in forged emails, but also can come from bad web sites or software.
HOW:
Using an Admin User account, install, update and run good antivirus software.
OTHER NOTES:
Unfortunately, popular antivirus products from Norton and McAfee are typically too bloated these days. These products are typically the 12-in-1-style programs that tie up and bog down your computer's performance.
A decent, free antivirus product is ClamWin: http://www.clamwin.com
A decent, paid antivirus product is NOD32 by Eset: http://www.eset.com/
Once you install an antivirus program, open it, run updates, and then run it.
Once a month or so, update and perform a system scan with your antivirus program from an Admin user account to remove any current viruses.
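A read-only way to confirm items 1, 5 and 6 from the account you use every day, as an added example that is not part of the original checklist. It is a cmd batch file (the file name is up to you) that assumes English-language Windows XP SP2 or later, a local (non-domain) account, and no Group Policy overriding the Control Panel settings.

```bat
@echo off
rem Added example: read-only audit of checklist items 1, 5 and 6.
rem Assumes English-language Windows XP SP2+, a local account, no Group Policy.
setlocal
set WARN=0

rem Item 1: the logged-on account should NOT be in the local Administrators group.
net localgroup Administrators | findstr /i /x /c:"%USERNAME%" >nul
if errorlevel 1 (
    echo [ OK ] %USERNAME% is a Limited account
) else (
    echo [WARN] %USERNAME% is an Admin account - use a Limited account for daily use
    set WARN=1
)

rem Item 5: AUOptions 0x4 means "download and install updates automatically".
set AUKEY=HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update
reg query "%AUKEY%" /v AUOptions 2>nul | findstr /i /c:"0x4" >nul
if errorlevel 1 (
    echo [WARN] Automatic Updates is not set to Automatic
    set WARN=1
) else (
    echo [ OK ] Automatic Updates is set to Automatic
)

rem Item 6: EnableFirewall 0x1 means Windows Firewall is on for the standard profile.
set FWKEY=HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile
reg query "%FWKEY%" /v EnableFirewall 2>nul | findstr /i /c:"0x1" >nul
if errorlevel 1 (
    echo [WARN] Windows Firewall is off
    set WARN=1
) else (
    echo [ OK ] Windows Firewall is on
)

rem Exit code 0 = all three checks passed, 1 = at least one warning.
exit /b %WARN%
```

The firewall check only covers the built-in Windows Firewall; if you replaced it with a third-party firewall, a warning on item 6 is expected.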
