Dumb question...

Jeff7181

Is there anything I can do if I forgot the password for the Administrator account in Windows XP Pro, other than reinstalling the OS?
 

MaroX

No workaround, 'cause that would defeat the purpose of having an administrator pwd. If that was possible, then any person without those privileges could obtain the admin pass. You should reinstall the OS, and write down the password somewhere, or make it something easy, like your street address, i.e. (123Fakestreet)
 

Nothinman

There are ways around it, it's especially easy if you have physical access.

And you should not make it a simple password or write it down, that defeats the purpose of having a password at all.
 

Toxic

I'd say write it down somewhere as well. While Nothinman's advice is sound in most cases, I just can't see people breaking into your house to get your admin password. However, IF you do write it down, put it somewhere out of the way so your kids or wife or whatnot can't start messing around on the system. (Home safe, bank, etc.)
 

lowtech1

Many people are absolute security freaks who aren't afraid of opening a letter without dusting it for deadly chemicals nor having their coffee/donuts taste-tested before they consume them, but they have long & impossible passwords to commit to memory. These so-called nut cases go through all kinds of trouble to come up with secure passwords and have laptops that can be lifted easily. It is funny how paranoia works, and everyone & their dog has some kind of electronic passcode while they don't even have a 5 dollar deadbolt on their door.

It is easier for the thief to steal the entire computer and do whatever they would like to it than to try to crack your password or firewall. However, you should have a password that is difficult to crack, but it wouldn't be a security compromise if it is easy for you to remember.

As for writing down your password, it is fine to write down your password & keep it in a safe place because the likelihood of someone finding your password & maliciously using it is low. A few years ago I worked at a research centre and the backup_admin password was kept in a sealed envelope that was taped to the fireproof & alarmed server room (the server room stored over 7 terabytes of scientific data). The admin password is kept on the wall for emergencies, just in case they need to admin the server after every admin was hurt in an accident (bomb, earthquake, fire).
 

TheOmegaCode

Your passwords aren't as secure as you think they are. I know all of my boss' passwords because he's stupid enough to write them down. This ends up being a good thing for him because he always forgets the passwords and I can remember ones I saw a year ago :p

There are ways to crack Windows passwords, it's Windows for christ's sake, and I'd have to say Nothinman's advice is the most sound in this entire thread.

If you don't care about security, don't use a password, just hit enter. Better yet, have your computer log as Administrator automatically...

If you have secure data or work in a secure environment, don't use simple passwords and don't write them down...
 

Nothinman

Originally posted by: Toxic
I just can't see people breaking into your house to get your admin password.

Unless they already broke in to steal the computer, then having the admin password on a post-it on the monitor just makes things that much easier for them.

Originally posted by: lowtech1
it is fine to write down your password & keep it in a safe place because the likelihood of someone finding your password & maliciously using it is low.

The chances of you going to a web page that exploits the IE exploit of the day are pretty low too, but you keep up with patches anyway, right?
 

lowtech1

It is true that having your password taped to the monitor is not a good idea, but I didn't say that you should be that careless. The reason that the research center I worked for felt safe having the password in an envelope on the wall is that a person who made it through the fireproof doors & alarm would have no trouble removing the hot-swap SCSI array and reading it when they got back to their hideout.

Does it mean that you dust every envelope that comes across your desk, because there is a potential of foul play?
Do you taste check your donut or coffee every morning just to make sure that it doesn't have poison in it?

There is a limit to security, but it can go overboard & be spent in the wrong place. It is better if you spend the time to physically secure your home with high-quality locks/deadbolts and have some kind of alarm.

I'm sure that there are more B&Es happening every day compared to computer security compromises. Even if you have the laptop cuffed to your body it would take the crook less than a minute to cap you & chop your hand off, then jump into his getaway car. Which is much quicker than trying to boot your computer to extract the precious information.
 

RalfHutter

Isn't there a program called "lopht crack" or "lopht hack" or something like that that's an NT password finder? I'm no hacker by any stretch but I seem to remember hearing about this several times.

If I'm out in left field about this there's certainly tons of links in that Google URL up near the top of the page. It's hard to imagine that one of 'em wouldn't work.
 

prosaic

Originally posted by: Jeff7181
Is there anything I can do if I forgot the password for the Administrator account in Windows XP Pro, other than reinstalling the OS?

Getting back to the question at its most basic level I'm not sure that we've exhausted all of the most obvious possibilities. What I'm wondering is this -- is this the only admin level user account on that system? In other words, did you create any account on the system at the time of first use or installation of the OS with a name other than "Administrator"? If so, what type of account was it? If you're just using the standard Windows XP graphical user interface tools you would be choosing between "Computer administrator" or "Limited user". If you have an alternative admin level account, log into it. Then you can use the Start | Run feature to crank up the alternative "User Accounts" dialog. From there you can reset the password for any account other than the one under which you are currently logged in. (Start | Run. Type in "control userpasswords2", click on OK.)

I'm sorry if all of this is painfully obvious, but I just wanted to be sure that this possibility had been considered.

There is also another way to get into a standalone Windows NT / 2000 / XP installation from a parallel installation of the OS on the same machine. It's got a few steps to it, but it's really not all that complex. I guess I won't post it here because the potential for abuse is obvious. But it doesn't require the use of a cracking tool or a Linux diskette or any of that invasive crap that partially messes up the original installation.

BTW, the use of any cracking tool or gaining access to the partition so that you can blow away the portion of the registry that stores the passwords will also render any encrypted data on the original installation inaccessible, permanently, unless you have the recovery keys saved off of the system. Good thing to remember when considering doing such things.

- prosaic

Uh, dumb me. I had to edit when I realized that I forgot to give instructions for starting up the alternative User Accounts dialog! :confused:
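
A pre-reset check for the encrypted-data caveat in the post above, as an added example that is not part of the thread: it reports whether the logged-on account has EFS-encrypted files and which EFS certificates hold a private key, so the key can be saved off the system first. It assumes PowerShell 3.0 or later on a current Windows release; `Test-EfsExposure` and `-Root` are hypothetical names.

```powershell
# Added example, not from the thread. Run as the affected user while the
# account can still log on, BEFORE any forced or offline password reset.
# Test-EfsExposure and -Root are hypothetical names chosen for this sketch.
function Test-EfsExposure {
    param([string]$Root = $env:USERPROFILE)

    # Enhanced key usage that marks a certificate as an EFS certificate.
    $efsOid = '1.3.6.1.4.1.311.10.3.4'

    # Files under $Root that carry the NTFS "Encrypted" attribute.
    # Unreadable folders are skipped rather than aborting the scan.
    $files = @(Get-ChildItem -LiteralPath $Root -Recurse -Force `
                   -Attributes Encrypted -ErrorAction SilentlyContinue |
               Where-Object { -not $_.PSIsContainer })

    # EFS certificates in the user's personal store. Only a certificate
    # whose private key is present can decrypt the files found above.
    $certs = @(Get-ChildItem -Path Cert:\CurrentUser\My | Where-Object {
        $_.EnhancedKeyUsageList.ObjectId -contains $efsOid
    })
    $withKey = @($certs | Where-Object { $_.HasPrivateKey })

    [pscustomobject]@{
        Root            = $Root
        EncryptedFiles  = $files.Count
        EfsCertificates = $certs.Count
        WithPrivateKey  = $withKey.Count
        Thumbprints     = @($withKey | ForEach-Object { $_.Thumbprint })
        # Encrypted data exists, so the key must be exported and stored
        # off this machine before the account's password is reset.
        BackupNeeded    = ($files.Count -gt 0)
        # Encrypted data exists but no usable key was found in this
        # profile: look for a recovery agent or an existing key backup.
        KeyMissing      = ($files.Count -gt 0 -and $withKey.Count -eq 0)
    }
}

Test-EfsExposure | Format-List
```

If `BackupNeeded` is true, export the listed certificate together with its private key (for example with `cipher /x`) to removable media and confirm the export opens before the account is touched.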
 

Nothinman

Originally posted by: lowtech1
Does it mean that you dust every envelope that comes across your desk, because there is a potential of foul play?
Do you taste check your donut or coffee every morning just to make sure that it doesn't have poison in it?

No, but I also don't ingest things from sources I don't trust. It's not a perfect plan, but it would be stupid to walk around eating donuts and drinking coffee from random places and people's desks.
 

awal

Well if you are going to have to reinstall anyway you can try this....

Move the hard drive to a machine that has a working copy of Windows XP on it. Set it up so the drive is a secondary drive. Boot into Windows and browse to the winnt\system32\config folder. Erase the sam & sam.log files. Move the drive back to the original machine and boot up. Your password will be blank.

And yes, I have tried this on Windows 2000; it should work on Windows XP.
 

teqwiz

The reason you have to reinstall is because you are not supposed to hack the security of the OS. Quit being so darn lazy and just do it. All you are asking here are questions on hacking and not on OS recovery. If you are learning Admin techniques for work or personal knowledge, you are going about it the wrong way if all you learn is how to circumvent the SAM. An admin would learn to use it, not destroy it. Back up and start over. That is the answer. Learn from your mistakes.

wish you luck.
 

Nothinman

Originally posted by: teqwiz
The reason you have to reinstall is because you are not supposed to hack the security of the OS. Quit being so darn lazy and just do it

Not really, if I lost the password to my root account I'd be really p!ssed if I had to reinstall just for that; luckily I know how to break into my system and wouldn't have to lose a >4yr old installation.

It's not that hard to do in Linux or Windows, and the ways to do it are found easily with Google.

Originally posted by: teqwiz
Back up and start over. That is the answer.

That is far from the answer; a semi-competent user (not even admin) can reset or crack the admin password on a box they have physical access to. Cracking takes longer than resetting, obviously, but both are just about as easy.
 

prosaic

Originally posted by: teqwiz
The reason you have to reinstall is because you are not supposed to hack the security of the OS. Quit being so darn lazy and just do it. All you are asking here are questions on hacking and not on OS recovery. If you are learning Admin techniques for work or personal knowledge, you are going about it the wrong way if all you learn is how to circumvent the SAM. An admin would learn to use it, not destroy it. Back up and start over. That is the answer. Learn from your mistakes.

First of all I'd say that not everyone is an admin, nor does everyone want to be an admin.

Then I'd point out that it is often the JOB of an admin to circumvent the security on a given system, for testing and / or for recovery purposes. And sometimes you're not just recovering data. Sometimes you're recovering a configuration that happens to be important to someone. Admins spend a lot of time helping users (and even themselves) recover from mistakes. Wiping, reinstalling, and then restoring the data is the fallback position, and you can always count on it if everyone has been smart enough to keep current on backups. But there's nothing intrinsically more noble about recovering the hard way if you can get back to functionality and access to your data without going through all of the motions.

Learning from your mistakes is a good idea, but reformatting and reinstalling isn't always the best way to learn. Most of us already know how to install the OS. Fewer know how to get into an installation without the original admin passwords.

I know of at least two ways (sort of two-and-a-half) to do it in Windows NT/2000/XP that do not involve damaging any part of the registry or configuration of the original installation. And I am no guru, but merely a competent, sort of, user. It is possible, but not likely, for a standalone system to be configured so that none of the ways I know will work. In such a case I might still try cracking the system. If I had spent a lot of time configuring a system, I would certainly rather spend 90 minutes or so recovering the system, if I could do that without "damaging" the functionality of it, than 1-2 days reconfiguring it.

- prosaic

Speaking of being "sort of" competent, I wonder how I managed to post this as a blank message the first time 'round. :D
 

awal

yeah, what he said.... :D
 

teqwiz

I only stated that if this person is attempting to learn, then this is what should be done. I doubt that this person is, since he's obviously logging on locally and not into a server. If my statement sounded harsh, then I apologize for that. But, the SAM is there for a reason and I do not advocate hacking the registry as a replacement for actually knowing how to do something. More than likely, if it is a Pro machine and a local account, then it is probably his own machine. No big deal. But, offering up system security bypass information over the internet, for whatever reason, is not good practice. You really have no idea what this person may be trying to get into really.

hand

:)
 

prosaic

Originally posted by: teqwiz
I only stated that if this person is attempting to learn, then this is what should be done. I doubt that this person is, since he's obviously logging on locally and not into a server. If my statement sounded harsh, then I apologize for that. But, the SAM is there for a reason and I do not advocate hacking the registry as a replacement for actually knowing how to do something. More than likely, if it is a Pro machine and a local account, then it is probably his own machine. No big deal. But, offering up system security bypass information over the internet, for whatever reason, is not good practice. You really have no idea what this person may be trying to get into really.

A philosophical and a pragmatic difference of opinion --

I'm curious as to what you think the originator of the thread will "learn" by reinstalling the OS. There's not much to be learned there, though reconfiguring a machine a few times can certainly teach you how to go about this process in an efficient manner and how to customize a system to your own liking. But you can learn a lot about the way the security on the system works by learning to circumvent it. I'd be the first to suggest a clean reinstallation over cracking or whacking the registry's security settings if I were going to continue to use that installation of the OS. But, as I mentioned before, there are alternatives that don't harm a single bit of the original system configuration. And they take quite a bit less time than a full reinstall and reconfiguration on any system other than one which has just been freshly installed and not configured.

As for the idea of trust, well I choose to trust people I meet online unless they give me reason not to trust them. It's not like the workarounds aren't generally available to anyone who might be interested enough to do a little research. I learned the first of my parallel install methods in the matter of an hour or two of research a couple of years ago in response to the need to get access to an NT workstation that belonged to a gravely ill friend. His wife needed access to that system to enable her to take care of business matters. We had no idea where (or whether) her husband had stored the recovery keys that we needed for getting access to encrypted data. If I, having used Windows for about two weeks at the time, could get the information I needed in that amount of time by simply searching briefly on the Internet and then apply it successfully, then the idea that we're talking about super-secrets seems kind of silly.

- prosaic
 

teqwiz

It is not so much a matter of trust as it is simply not a good policy to give away such information. I do not distrust this person per se, I really care about this particular issue.

Not too many years ago, this country was assaulted by a group that got a lot of their information from the internet. I do believe that a catastrophe of that magnitude warrants some caution on the side of online policy towards freely given information.

That said. This is not my thread. You may invite me in on a thread of your own if you wish to discuss this further.
 

Nothinman

Originally posted by: teqwiz
But, the SAM is there for a reason and I do not advocate hacking the registry as a replacement for actually knowing how to do something.

The SAM and the registry are 2 completely separate entities. Changing registry values will not get him his admin password. And I hate the phrase 'hacking the registry', it's just a configuration database and frankly 99% of the values are quite easy to understand, it's just the lazy programmers who save all their settings in one binary key that make it difficult. And then there's the fact that some settings are changeable only via hand editing the registry, because MS didn't want to expose them via GUI controls for one reason or another.

Originally posted by: teqwiz
Not too many years ago, this country was assaulted by a group that got a lot of their information from the internet. I do believe that a catastrophe of that magnitude warrants some caution on the side of online policy towards freely given information.

You really think this information isn't posted all over the Internet in countless other places? Not posting it here slows down a few people who want to take control of their parents' admin account or maybe even work's local admin account, but it's not going to stop anyone with half a brain and the ability to type.

What he wants to do requires physical access to the PC, and if they've stolen his PC they're already 99% done breaking into it anyway.