I got a question the other day, “how can i access a computer remotely without a password?”
The reason that it’s by default is not possible to access a computer remotely with an account that does not have a password is because there is a new security policy/feature which states:
Accounts: Limit local account use of blank passwords to console logon only
This security setting determines whether local accounts that are not password protected can be used to log on from locations other than the physical computer console. If enabled, local accounts that are not password protected will only be able to log on at the computer's keyboard.
You can change that behavior by modifying the “Local Security Policy” here:
Just a thought. One could argue that it’s actually safer to have no password on the Local Admin account and leave this policy Enabled. Than have a weak password on the Admin account.
Because if there is no password, no malicious person or software could ever remotely access the computer as a local admin. While if you have a weak password, it would be possible for someone to brute force (try all possible combinations until you get in) the password.