The large number of threats and types of malware that circulate on the network today makes those who worry about the security of your computer and all the data stored on it. That is why, the majority of users have a security or antivirus tool on their computers. In the case of Windows 10, the Microsoft operating system has its own antivirus pre-installed, although there are also many system settings that allow us to ensure the security of our equipment. Next, we will show how to configure Windows 10 antivirus, Windows Defender, for maximum protection and what settings allow us to improve system security.
The truth is that there are many who affirm that Windows Defender has become one of the best solutions for Windows 10 security, however, there are certain configurations or system settings that allow us to protect ourselves and keep our equipment and all information stored in it. In this way, we will not only be protecting ourselves from possible viruses or threats, but also from anyone who tries to enter our computer with no good intention.
Windows 10 privacy and security settings
Set up a password, pin or fingerprint
Protecting access to our system is essential to prevent anyone from having access to all the information stored on our equipment. For this and for the security of our data, it is recommended to establish a password, PIN or fingerprint to access our equipment.
To do this, in Windows 10 all we have to do is:
- Open the system configuration page.
- Enter the Accounts> Login Options option.
- Choose the option with which we want to block the system, fingerprint, pin, security key, password, image password.
- We complete the process in question and restart the computer.
Force password change periodically
Something quite common to increase the security of Windows 10 in the business environment is to schedule the password change periodically. In this way, if someone steals our password, we will prevent them from continuing to enter our team without us noticing.
To indicate that the password for accessing our Windows account system expires from time to time, these are the steps to follow:
- We open a Windows Run advantage, Win + R.
- We write netplwiz and press OK or Enter.
- We select the Advanced Options tab.
- In the Advanced user administration section , click on the Advanced options button .
- We select the Users option within Local users and groups .
- In the right panel we click on the user in question to access his Properties .
- We uncheck the box The password never expires .
- By default, every 42 days the system will ask us to change the password.
We can also make this change from the command line, especially for those who cannot access group policies in their version of Windows 10. To do this, we will have to open a CMD with administrator permissions and run the command wmic UserAccount set PasswordExpires = True . Once the policy that establishes that the passwords expire has been activated, if we want to configure a certain user account in this way, we will execute the command: wmic UserAccount where Name = Username set PasswordExpires = True . Where Username we must replace it with the specific name of the user account.
Windows 10 firewall
Another of the settings or tools that have to do with security in Windows 10 is the Firewall itself. Therefore, it is recommended to check that the Network Firewall is correctly activated on our system. Something that we can do well from the control panel or from Windows Defender.
In the first case, what we have to do is open the control panel and navigate to the option System and Security> Security and maintenance> Security and check if it appears activated. If we open Windows Defender, then all we have to do is select the Firewall and Network Protection main menu option and perform the check.
User account control
When we talk about security in Windows 10, we can’t talk about UAC or System User Account Control. It is an extra layer of security in the system that tries to prevent unauthorized changes in the operating system by certain applications and that can affect the security or configuration of the system.
Therefore, it is recommended to have this function always activated in the system to improve security in Windows 10 and avoid this type of problem. For it:
- We open the control panel .
- We enter the option System and security> Security and maintenance .
- We deploy the Security option and check if User Account Control is activated.
- If it appears deactivated, click on change settings and proceed with its activation choosing the level you want. Administrator permissions are required to make this change.
Local user account
Windows 10 is becoming increasingly difficult to use a local user account and is promoting the use of Microsoft accounts. The difference between the two is that the local one is unique on the computer where we create it, while the other one is based on the cloud. Both options have their advantages and disadvantages, for example, a cloud-based account allows us to synchronize certain settings and applications so that they can be used on other computers, while using a local account is more secure and private.
Therefore, if we are looking to increase security in Windows 10, it is best to use a local user account. To do this, if we are using a Microsoft account and want to change to a local account , the first thing we will have to do is create that account if we do not have one yet.
From the Windows 10 configuration page we go to Accounts and then enter Family and other users> Add another person to this PC . We must indicate that we do not have the login data of that person to avoid using a Microsoft account again and then click on Add a user without a Microsoft account and complete the process.
With our user account created, the only thing we have left is to change from one account to another. To do this, we open the System Configuration page and enter Accounts . Within the section Your Information we will find the option Login with a local account instead. When clicking on this option, we will be asked to indicate the username and password, it will probably suggest us to add a security question and finally, click on Next , log out and Finish .
Downloads from other equipment
System updates have long been one of the workhorses for Microsoft’s operating system. With the arrival of Windows 10, Redmond’s included a feature that allows you to download Windows updates and applications from other computers in addition to downloading from Microsoft’s servers, something that helps speed up those downloads.
This means that our computer could be the source of downloads from other equipment, our network or the Internet, after having downloaded and installed the relevant updates. To prevent this from happening and looking to improve security in Windows 10, it is recommended to disable this function . For it:
- We open the System Configuration page.
- We enter the Update and security option in Windows 10.
- We choose the Windows Update option.
- Click on Advanced options.
- Click on the Distribution optimization option.
- We deactivated the switch of the option Allow downloads from other equipment.
Windows 10 update
It goes without saying that keeping Windows 10 properly updated is also very important when it comes to having the best protection against viruses and threats and preventing them from using any system vulnerability.
Now, one of the main sources of infection is usually the programs or applications that we download and install from the Internet. In this sense, to maintain the security of Windows 10, it is recommended to always download and install applications from reliable sources . However, sometimes we may be installed other applications without realizing it. Therefore, it is advisable to check the list of applications installed on the computer periodically and in the event of finding something suspicious, proceed with its removal.
To check if there are any available or pending updates to update our system:
- We open the Configuration page.
- We select the Update and security option .
- We select Windows Update.
- In the right panel it will appear if we have pending updates and the option to download and install.
Configure Windows Defender to improve security
Protection against viruses and malware
Windows 10 antivirus is a great security tool and can protect us from all kinds of threats, however, it also allows the possibility that each of us has other third-party antivirus installed on the computer. However, we already know that these are tools that usually make use of a good amount of system resources, so in the end, we can see how the performance of the team is affected.
In the case of Windows Defender, it will be best to have the tool properly configured to offer us the best level of security in Windows 10. As far as protection against threats is concerned, the ideal is to periodically check that the Windows antivirus 10 is correctly updated and no updates are available for installation. To do this, simply right-click on the tool icon displayed in the system tray and choose the Check for protection updates option. We can also reach this option by opening the security application itself and navigating to the option Virus and threat protection> Virus and threat protection updates.
Increase protection of Windows Defender
There is a way to increase the protection of Windows Defender and with it, improve security in Windows 10. Now, for this we are going to have to make some changes in the system registry. Therefore, first of all it is recommended to make a backup of the Windows 10 registry or create a restore point in case something goes wrong, to be able to return to what we had before any change.
Once this is done, we can enter the registry by opening a Windows Run window, type regedit and press Enter. We navigate to the path: HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindows Defender and the next thing is to create two new keys under this path with the name MpEngine and Spynet. To do this, we right click on Windows Defender, select the New> Key option and give it the name of MpEngine. To create the other key, all we have to do is repeat the process and indicate the name Spynet.
We enter the MpEngine folder and in the right panel we right click to create a new 32-bit DWORD value with the name MpBafsExtendedTimeout and value 19 in hexadecimal. Next, we do the same thing with a new 32-bit DWORD value named MpCloudBlockLevel and value 2 hexadecimal.
The next thing is to go to the Spynet key and create three new 32-bit DWORD values with the names DisableBlockAtFirstSeen and value 0 , SpynetReporting and value 2 , LocalSettingOverrideSpynetReporting with value 1 and SubmitSamplesConsent also with value 1 in hexadecimal.
Finally, and for the changes to be effective, we close the Windows registry and restart the computer. From that moment, Windows Defender will have a higher level of protection when it comes to scanning and detecting any type of threat that tries to infect our computer.
Changes to the MpBafsExtendedTimeout entry allow Windows Defender antivirus to block suspicious files for up to 60 seconds and examine them to see if they are safe. The fact of changing its value, causes us to increase the blocking time to avoid risks. On the other hand, MpCloudBlockLevel determines the aggressiveness of the tool when it comes to blocking and analyzing suspicious files. With the change of value to 2, we will be setting the maximum level of protection.
Regarding the modifications in Spynet, the DisableBlockAtFirstSeen entry is in charge of guaranteeing that our team performs the checks in real time with the Microsoft Activa Protection Service, so if it is not activated, this check will not be performed and the will reduce the level of protection. A value of 0 indicates that it is activated.
For its part, the value 2 for the entry SpynetReporting activates the advanced subscription, which will send more information to Microsoft about the malicious software, including the names of the files, how it works and how it affected our team. This could be a double-edged sword since sending more information to the company’s servers can facilitate the protection and elimination of said malware, while being an open door in terms of privacy.
Finally, changes to the LocalSettingOverrideSpynetReporting and SubmitSamplesConsent entries indicate that the local preference setting will take precedence over Group Policy and defines the behavior of sending samples when the telemetry option is configured, in the case of applying the value 1, samples will be sent automatically.
Choose files, folders, or processes to scan
Another option that Microsoft’s antivirus offers us is to be able to choose the files, folders and processes to be analyzed by the security tool in order to improve and optimize security in Windows 10. Something we can do from the configuration itself of the security tool as shown below:
- We open Windows Defender.
- We click on the Antivirus and threat protection option .
- We select the option Manage Configuration and then Exclusions .
- We click on the option Add or remove exclusions and click on Add exclusion.
This allows us to indicate if we want Windows Defender to exclude certain files, file types, folders or processes from its analysis. As soon as you click on it, that will be the first thing we have to indicate, if we want to exclude a file, file type, folder or process.
In the case of selecting file or folder, a new window will open so that we can select it, while if we choose the type of file or process, another small window of the Windows Defender Security Center will open so that we can indicate the file extension or name of the process that we do not want to be analyzed.
Once the exclusion has been added, each of them will be shown in the form of a list under the Add exclusion button. If at any time we want to delete any of them, just click on the tab shown next to each of them and click on the Remove button.