Re: XP (SP2) user passwords



Safe Mode requires an administrator to log on the machine. If you're not an
admin, you can't run safe mode. I think this is the bahavior as of SP4 W2k
(don't quote me guys) and SP2 XP Home.

Having worked in PC repair for a while, I'd always get people who forgot
their password. After verifying that they were indeed the owner of the
computer, I'd reset the password for them. (I'd hope all PC Repair shops
were as honest as I was...)

There are legitimate uses of the software, that's why it exists... but there
are always those that abuse such software. The methods I gave here are a bit
extreme, but I wanted to leave it up to the owner of the machine how secure
he wants his machine to be, and I'm sure if he follows my instructions he
will find the appropriate level of security for him. The more secure you
make something, the less convenient it is to get to and use. That's as close
to a law of physics as you can get without using fancy-dancy formulas.
I always suggest checking who has Admin accounts, and ensuring that the true
administrator account has a password on it tho, these are two things that
will only cause you trouble once.
---
Scott


"Gene E. Bloch" wrote:

He did say they cracked the administrator password, but I forgot that
he also said something about "downloading software which cracks it".

I tend not to D/L such software and not to try to crack people's
passwords, so I don't know much in that area.

BTW, is it possible to set up the computer in XP/MCE so that only the
administrator can install or run programs, even in safe mode? My YL's
work computer has that property, but it's Win 2000. This could help the
OP, maybe.

I say let's ask the OP to clarify :-)

On 3/10/2008, IceMage posted this:
I think it's more likely they rebooted into safe mode to gain access to the
administrator account, which normally does not appear, and in SP2, I don't
believe it will let you log on if there is no password set, but in Safe Mode,
no such security policy exists. In that case, they gain complete control
over the machine from that point on.

I can't remember how many machines I exploited due to the fact there was no
Admin password by default in college (Bad, I know.) SP2 fixed this, in that
computers can't access your computer over the network if you don't have an
admin password, but not locally.
---
Scott


"Gene E. Bloch" wrote:

Your reply made me think (that's a bad habit, I know).

I wonder if Douglas just had a very obvious password, like his kids'
names (oh, let's say BillyBob, assuming he's got two sons Billy & Bob),
so that his kids were just able to guess it pretty quickly, rather than
crack it in the usual sense.

If so, Douglas, make up a new password (oh, say R23i0*g6^foo - but not
this one, choose another one that's equally weird but not public), and
store it somewhere where only you can find it - you do have to write it
down, because such passwords are hard to remember and guess.

On 3/10/2008, IceMage posted this:
Windows passwords can't be cracked that easily. Steps to prevent this are:
1. Scold them, this is obviously unacceptable behavior. Let them know that
this is not just wrong, it's also ILLEGAL, and can lead to jail time.
2. Banks have to keep dishonest people out too. To further prevent them
from getting on your computer, physical security of the machine will have
to be on your side.
2.a Get a case lock for your computer, so it can't be opened up.
2.b Get into your computer's BIOS and put a password on it. Make it a
startup password if you don't want them on the computer at all, or an
access password to ensure that they can't change these settings (The case
lock is so they can't open it up and clear these settings)
2.c Remove any bootable devices from the boot sequence besides your hard
drive (Most password crackers work by having to boot to the media itself)
3. Time to secure windows, your children should be using a different
account than you, hopefully.
3.a If you're using Windows XP Home, please reply back, and I'll change the
details so you can use this information, however, it appears you're using
XP MCE.
3.b Right Click on My Computer, and click on the box that reads Manage...
3.c There is a tab that reads, local users and groups.
3.d Ensure that you have an account for everyone listed there. Now right
click on your administrator account, and set the password. You should also
have an account for yourself, set that password as well. You need to
ensure that your children's accounts are not administrators, so double
click their names, and remove all groups that they belong to except
"Users"

This should harden the computer enough that they shouldn't be able to just
pop on and off without a good deal of trouble. In fact, it'd leave me
stumped for quite a while, especially with a case lock on it, just don't
forget your passwords, or lose the key.
---
Scott


"Douglas" wrote:

My teens crack our XP administrator password with ease using safemode
startup, or downloading software which cracks it. What's the point of
passwords if it's this easy? Can I prevent this? --

Confused old guy

--
Gene E. Bloch (Gino) letters617blochg3251
(replace the numbers by "at" and "dotcom")




--
Gene E. Bloch (Gino) letters617blochg3251
(replace the numbers by "at" and "dotcom")



.



Relevant Pages

  • Re: Keep admins off of client machines
    ... the sharepoint admin is simple, just create a standard user account for them ... The 'Domain Administrator' account is ... Domain Administrator password. ... takes a thorough understanding of such priveleges to do so. ...
    (microsoft.public.windows.server.sbs)
  • Re: firewall on budget ?
    ... 1)Work in Admin mode, and through 'run as', browse ... If working in admin mode and doing runas to browse in a guest account. ... Installing a program, getting an error, then doing the run as, can be ... running as administrator all the time. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Loss of Administrator User
    ... Enable/Disable Administrator on Welcome Screen ... When I try to access the Administrator account while in Safe Mode it is ... Are you logging on with an account that has Administrator permissions?? ... Safe Mode to access the Administrator account in User Accounts. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Loss of Administrator User
    ... Keep having fun, Peter. ... Enable/Disable Administrator on Welcome Screen ... When I try to access the Administrator account while in Safe Mode it is ... Are you logging on with an account that has Administrator permissions?? ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Log on Windows XP Professional
    ... >Because of the security features built into Windows XP, ... administrator rights, you can ... >use that account to change the password of the account ... >First you need to boot the system into Safe Mode: ...
    (microsoft.public.windowsxp.security_admin)