Sadly, XP is not as secure as we like to think, and a professional hacker would be in and exploring around within minutes.
Even for an amateur, someone who just 'happens' to be passing by and finds your laptop in their possession, all they have to do is Google [u[XP Lost Passwords and they can get to a site like Windows Password, Administrator Password, Passware, spend a little cash, and obtain a utility to get into Windows.
If that information is meant to be secure, and most countries nowadays have Data Protection Laws, then you need to rethink your security procedures.
The best place for secure data is off the computer, onto some sort of removable media which is locked away until it is needed.
I hope that helps, and I am sure others here will have comments to make.
I have a laptop that I keep my customer data in - nothing extraordinary like bank accounts, credit cards, etc. - just people's names, addresses and such. All the data is located in My Documents folder in a custom software that does not have any good password protection. I set up a user account in Windows XP that is required to log in to my laptop. Moreover the My Documents folder for that user account is set to private and the laptop's screen saver that kicks in every 5 minutes is password protected. The password for the Windows XP user account is a 6-character combination, that is not a word in a dictionary.
I'm just curious, say if someone was to steal my laptop, how easy would it be for a hacker to break into my customer data with all the security measures I have? And, if what I have is not enough, how would you recommend to better protect my data?
Thank you in advance!