Re: can someone get admin password with physical access?

• Previous message: Holden: "Re: how to remotely execute a program on win nt 4 workstation machine"
• In reply to: t2k2p: "can someone get admin password with physical access?"
• Next in thread: gavin: "Re: can someone get admin password with physical access?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: jim.macarthur@nospam.man.thanks.ac.uk (Jim MacArthur)
Date: 26 Feb 2002 09:35:21 GMT

In article <xcFe8.8388$1d4.2988243@twister.socal.rr.com>, t2k2p@socal.rr.com
says...
>
>Hi, I help out the admin at my school with security, and we have very poor
>physical security of computers. Is there a way that any person with
>physical access hack the admin or other users password? I heard that you
>can use a linux boot disk to access a file and use l0ptcrack to crack it,
>but I heard that it only works for FAT32 partitions. Is this true? And if
>there is a way to hack the passwords if someone has physical access, how can
>they do it? and is there a way to stop it? (besides physical security)
>thanks a lot.
>
>calvin-

Yes, at least for any users stored locally - domain users would be more secure.
If l0phtcrack doesn't work for NTFS it's probably only a matter of time until
it does.

The way round this is to set the boot order on each PC's BIOS so it will only
boot from the hard disc and then set a BIOS password to prevent further
changes. How you do this depends on your PC.

The only way around the BIOS password is to open the case and start swapping
links on the motherboard, so to be totally safe buy some padlocks and lock the
cases on.

Jim

• Previous message: Holden: "Re: how to remotely execute a program on win nt 4 workstation machine"
• In reply to: t2k2p: "can someone get admin password with physical access?"
• Next in thread: gavin: "Re: can someone get admin password with physical access?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Friend logging onto my comp ... There is no security without physical security. ... "Jay S" wrote in message ... >I would enable BIOS password protection. ... >> you need to restrict access to your account, ... (microsoft.public.security) Re: I need to password protect my pc at startup ... Is there a better way to protect my machine? ... Lock your office. ... Without physical security - just about everything else ... BIOS/System Setup and once there - setting a password to boot the computer ... (microsoft.public.windowsxp.basics) Re: I need to password protect my pc at startup ... Lock your office. ... Without physical security - just about everything else ... You could set a BIOS password and change the boot method so that it boots ... (microsoft.public.windowsxp.basics) Re: local admin account password ... Physical security is the basis of all security. ... only way to get it to boot of my media and/or power cycle the server ... boot off my nefarious floppy disk, I can do it over the wire. ... (Focus-Microsoft) Re: Web site busted? ... Very few of them kept the admin password, ... compromised passwords are only one way ... since physical security is almost impossible to ... gain access to a computer. ... (alt.os.linux.suse)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint