change admin password

J

Javier

Hi

I've seen many utility tools to change or crack the local administrator
password for a server(Stand Along) or pc in a domain. Is this a
vulnerability with most of the windows OS or is it just a Microsoft design
to access a computer or server in the case the password has been forgotten.?

I searched KB and found nothing related to this issue.

Thank You.
 
D

Danny Sanders

Most of these utilities are Linux based which would lead one to believe they
were made to work on Linux.

I think someone through experimenting found out it works on Windows also.

hth
DDS W 2k MVP MCSE
 
M

Matthew Kitchin

You can do that with almost any OS. If you get physical access to where the
password is stored, there are ways you can manipulate it.
 
S

Steven L Umbach

This is a vulnerability to any operating system and requires physical access
to a computer. Note that if an attacker gets physical access to a computer
they do not need the administrator password anyhow to access any data that
has not been encrypted. An attacker could put the hard drive in another
computer or boot from an alternate operating system which could be burned on
a DVD. Even encrypted data can be vulnerable if the user's private key used
for encryption is on the computer particularly if the user has a weak
password. You might find the link below interesting - the Ten Immutable
Laws of Computer Security. Even though it was written by a Microsoft guy it
applies to all operating systems. --- Steve

http://www.microsoft.com/technet/archive/community/columns/security/essays/10imlaws.mspx
 
W

Wolf Kirchmeir

Danny said:
Most of these utilities are Linux based which would lead one to believe they
were made to work on Linux.

I think someone through experimenting found out it works on Windows also.

hth
DDS W 2k MVP MCSE
Click to expand...

They're Linux-based because you can boot a small Linux kernel from a
floppy and then run programs. Just like DOS, in that respect. Linux
writers have wriiten soiftware to read and write to NTFS file systems,
which makes it relatively easy to fins the passowrd and deal with it. As
Mathhew K notes, that can be done with any OS, so long as the file
system can be read and written.

Passwords protect only in the sense that a lock on your front door
protects: it slows down access, and makes it too much of a hassle for
many who would otherwise cheerfully come in and take your stuff.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Change Admin Password 4
Lost Admin Password 9
Enterprise Admin Password Change 4
The account password for MS Office Outlook 2010 1
Lost Password for Domain Controller Administrator A/c 3
local account admin has access to other PC's if admin password is 4
Recovery Console Admin Password reset 3
Change Domain Admin Password with Domain Admin User 1

Top