1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XP login/password

Discussion in 'Software' started by Gaz 45, Aug 11, 2005.

  1. Gaz 45

    Gaz 45 Kilobyte Poster

    404
    4
    39
    Hi guys,
    Someone at work has forgotten their XP login password & there's no other users on that comp (& no guest login). Any tips on how to get into it?
    Cheers
     
    Certifications: MCP (70-229, 70-228), MBioch
    WIP: MCDBA (70-290)
  2. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    171
    211
    try loading in safe mode - you should be able to access the admin acc that way, and reset the password.

    And after that, suggest that they make a password recovery disk.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  3. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    171
    211
    Ah, sorry. you might not want to suggest the recovery disk, as its at work. does your work not put an admin account and password onto each PC?
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  4. Gaz 45

    Gaz 45 Kilobyte Poster

    404
    4
    39
    Cheers Fergal. Typically, we found the password about 5 minutes after I posted. I will *strongly* suggest that we set up admin accounts on each system!
     
    Certifications: MCP (70-229, 70-228), MBioch
    WIP: MCDBA (70-290)
  5. kat731
    Honorary Member

    kat731 Megabyte Poster

    826
    9
    74
    Hi,

    i had this a few times and downloaded a ISO Linux image and made a boot cd, restart the PC, it reads the NTFS partition and gives you the option to clear the password!!!!!!!!! Carry it to all jobs.... Great thing to have!!!!
    Kat
     
    Certifications: BA (Hons), A+
    WIP: 70-685 77-884
  6. simongrahamuk
    Honorary Member

    simongrahamuk Hmmmmmmm?

    6,199
    125
    199
    By default does XP not create an administrator account when you setup the PC? Regardless of weather you set a password for it if you press Ctrl+Alt+Del when you get to the user login screen (even if you use the icon login) you should be able to get the login screen up that allows you to type in administrator.
    Am I mistaken? :dry
     
  7. Fergal1982

    Fergal1982 Petabyte Poster

    4,196
    171
    211
    no, you are absolutley correct - which is what i suggested accessing.
     
    Certifications: ITIL Foundation; MCTS: Visual Studio Team Foundation Server 2010, Administration
    WIP: None at present
  8. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,726
    175
    221
    you are correct
    there is always an admin account, and its usually unprotected (bloody windows)
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  9. ffreeloader

    ffreeloader Terabyte Poster

    3,661
    106
    167
    That's one thing I just don't understand. MS's latest and greatest, and the OS they bragged on as being more secure than Win2K, has a wide open Administrator account by default. You can't introduce a bigger security risk than that on a PC. It means that if any account on the PC is compromised the box is owned by the attacker if the OS is using default settings, and millions of boxes are set to default settings.

    MS wasn't dumb enough to do that on Win2k Pro so why introduce something that blatantly insecure on XP? It just makes no sense to me whatsoever. They might as well have gone back to the old Windows 9x of not even having to log in to get access. It's the same level of security.
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  10. Phoenix
    Honorary Member

    Phoenix 53656e696f7220 4d6f64

    5,726
    175
    221
    well when i meant usually, i meant because users dont set passwords for it, i do recall it being a mandatory option during both fresh retail install and OEM system bootup, so it does ASK you for one, it just doenst require a clever one (or prevent a blank one!!)
     
    Certifications: MCSE, MCITP, VCP
    WIP: > 0
  11. ffreeloader

    ffreeloader Terabyte Poster

    3,661
    106
    167
    And people will do the minimum required to install their machine. Plus, it's bound to come with a blank password from a vendor. Or at best with something like password or admin for a password. They can't really do anything else with it.

    I've done a few XP installs so I know what it does, but also know that it's a huge security risk just sitting there because even some half-way knowledgeable people that I know will deliberately set blank passwords anwhere they can so they don't have to remember them. That MS will allow that and then say how "secure" their OS is out of the box just amazes me.

    I build boxes for people every once in a while and if they insist on running Windows I set it up with all accounts password protected, and I can't believe how many people will complain about that. Only after their box has been compromised a couple of times will people begin to take security seriously. Then they say thanks and show some interest, but only because it has cost them quite a bit of money to have their computer rebuilt a couple of times. This is the result of being "educated" by MS to expect unlimited access for everyone, i.e. security isn't important.
     
    Certifications: MCSE, MCDBA, CCNA, A+
    WIP: LPIC 1
  12. Bluerinse
    Honorary Member

    Bluerinse Exabyte Poster

    8,871
    167
    256
    I agree Freddy, it doesn't stack up (make sense). Even with Server 2003 by default the name of the last user appears in remote desktop and interactive logins. This gives a nefarious intruder half the info they need. I always change the local policy to not display the last logged on user name, and set passwords on the administrator account that are not susceptible to dictionary attacks and re-name the administrator account.

    Most people take the easy road to wide open boxes and wonder why they get hacked :rolleyes:

    Pete
     
    Certifications: C&G Electronics - MCSA (W2K) MCSE (W2K)

Share This Page

Loading...