Tuesday, April 04, 2006

Finding lost or forgotten passwords

30 Mar 2006 | SearchWindowsSecurity.com

Lost passwords are really more of an administrative problem, but passwords have become synonymous with security because so much network security relies on passwords. The stronger you make your passwords, the more chance they will be lost or forgotten. That's where our experts come in.

Over the past year or so they've gotten a number of requests to help solve lost password issues. The experts try to help to a degree, often concerned about the righteousness of the requests. But, alas, the inherant security of passwords is a topic for another day.

Below are some of the more popular answers to the lost password question, with each expert providing their own unique perspective. At the bottom of the page are links to more password quandaries.

Solving login/lost password issues

Question: I recently installed Windows 2003 server and everything is running well. About one week later, I rebooted my server and attempted to log in with my administrator password and the system blocked me from logging in because of an administrator account problem. Now, I don't know what happened to the administrator password. Can you provide me with some information on how to bypass this and fix my problem.

Kevin Beaver's answer: It sounds like you'll need to reset the administrator password. Check out NT Access – it's great for this.

Accessing a laptop without the BIOS password

Question: I have a Sony laptop that shuts down at start up. I need to get into the BIOS, but I don't have the password. Is there a way to bypass it or a backdoor code?

Jonathan Hassell's answer: You might try disabling the battery that powers the BIOS on the mainboard, but even that may not work. Your best bet is to call Sony and explain your problem; they'll have information on how to access the laptop.

How can I retrieve a BIOS password?

Question: I have forgotten the BIOS password, obviously making it difficult for me to log in. I have checked the "always" option as well. How do I go about retrieving this?

Roberta Bragg's answer: You may need to contact the manufacture of your hardware. Some systems may have maintenance backdoors or other ways to regain access. Alternatively, you may be able clear the BIOS password by flipping the appropriate jumper or dipswitch on the motherboard. Again, seek expert help. Computer Hope also has recommendations on common BIOS passwords that you might try.

Cracking passwords

Question: What tools can I use to crack or replace the passwords on a Windows 2000 machine?

Wes Noonan's answer: There are a number of tools ranging from freeware to commercial software.

  1. John the Ripper
  2. L0phtCrack
  3. Emergency Boot CD: This CD contains a number of utilities, including password recovery and cracking tools.
  4. Offline NT Password and Registry Editor
  5. Login Recovery
  6. Ultimate BootCD
  7. Knoppix

If you are starting to get the feel that Windows passwords aren't that secure, especially if one manages to get physical access to the box, you are correct.

Also, check out the solutions to these lost password problems:

Managing passwords and passphrases

Passphrases versus passwords

Resetting BIOS passwords

Accessing forgotten passwords

Resetting the default password policy

Default passwords for Windows and Windows XP

http://searchwindowssecurity.techtarget.com/general/0,295582,sid45_gci1176870,00.html?track=NL-122&ad=547251
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)