Re: Is there any way past windows XP Logon

From: Colin Nash - [MVP] (ilikemooseheadbeer-REMOVETHIS-_at_hotmail.com)
Date: 02/01/04 

Date: Sat, 31 Jan 2004 18:49:04 -0500

Unfortunately, yes the Windows passwords can be easily bypassed. For
someone with a bit of knowledge, this is pretty trivial to do. For example,
I can do it in about 5 minutes given physical access to the machine. This
is common to any operating system, such as Linux: there is no security
without physical security.

They don't even need to 'crack' the password. They can load the hard drive
into another system and view the files, or delete certain files on the hard
drive that basically reset the passwords to blank.

For stronger security, you really need to use encryption (such as the
Encrypting File System feature of XP-Pro Edition or a third party product
like SafeGuard Easy.) 

-- 
Colin Nash
Microsoft MVP
Windows Printing/Imaging/Hardware
"Pete Plumb" <anonymous@discussions.microsoft.com> wrote in message
news:802901c3e84d$97150990$a601280a@phx.gbl...
> My laptop has fallen in to the wrong hands.  I can manage
> without the data on the hard drive, but would not be
> happy if any body else could view the data.  The main
> Administrator account is passworded, there are two admin
> accounts with passwords and on user account without a
> password.
>
> Both of the admin accounts have there documents folders
> made private.  Is there any way that the files in these
> folders can be viewed by any one without the passwords?
>
> Thanks
> Pete

Relevant Pages

  • [NEWS] UTStarcom B-NAS 1000 and B-RAS 1000 Security Flaw
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... with known passwords. ... Issanni 1000) One account is approximately equal ... Management user with limited write privileges ...
    (Securiteam)
  • Re: Account lockouts
    ... for reusable passwords and the AAA infrastructures that rely upon them? ... In that context, account lockout policy -- duration, threshold, lockout ... > cracking attacks. ...
    (microsoft.public.security)
  • Re: How do I point a mail client at Microsoft outlook?
    ... Is that any more likely than /them/ breaking into your mail account? ... fetchmailrc file with passwords in it. ... an additional security "protocol" can hurt. ...
    (Fedora)
  • Re: On password expiration
    ... If you are very concerned about the security of the system, ... forcing your users to change their passwords every X number of days is ... been dormant for X numbers of days, an account lockdown policy to ... organizational policy prohibiting employees from writing down their ...
    (microsoft.public.security)
  • Re: Confidentiality of information in my system ..
    ... data like credit card numbers and passwords in my system, ... Once you're in the account, ... Pretty much only by watching for misuse of your information. ... Regularly changing passwords is a very basic security measure. ...
    (microsoft.public.windowsxp.help_and_support)