Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Prevent the bypassing of administrator password
05-31-2010, 01:51 AM
Post: #1
Prevent the bypassing of administrator password
Hello, everyone;
I have set up parental control on my cousin's computer, but now he skips or erases the administrator password with the help of some software. On the other hand he has created another administrator account which I cannot modify at all. Now I want to delete the administrator account he has created, what approach should I take to do this? From some forums, I know that computer users are able to bypass administrator passwords by cracking the hash file, is this the common way that password cracking softwares use to erase/crack passwords? If I want to prevent him from doing it again, what should I do? Is increasing the password length and complexity helpful if one can bypass the password?
Thank you very much!
Find all posts by this user
Quote this message in a reply
05-31-2010, 03:09 AM
Post: #2
RE: Prevent the bypassing of administrator password
You didn't mention your Windows version. Is it XP, vista or 7?

If yours is an administrator account. You should be able to delete his newly created account with administrator privileges. Sign in with your admin account.

Go to start -> run -> control userpasswords2

There in user accounts, you can remove or set his user account. If this gives any error, let me know.

It appears that he's been using password cracking tools that read and decrypt password hash files. There is nothing much you can do in that case.

Windows XP passwords are hashed using LM hash and NTLM hashes. The hashes are stored in c:\windows\system32\config\SAM. SAM file is encrypted and is locked while Windows is running. To get the passwords, you need to shutdown Windows, decrypt the SAM file, and then crack the hashes.

This cracking is further made easy if you have a working CD drive (many password cracking programs boot through CDs) or USB slots (helps in booting through flash drives). Increasing password complexity to more than 14 characters with a mix of digits, alphabets & special characters would make it harder to crack but its' not fool-proof.

http://support.microsoft.com/kb/299656/

You could also try restricting his user account to a restricted users account & wish password cracking programs would not run in that but I seriously doubt so.
Find all posts by this user
Quote this message in a reply
06-01-2010, 01:12 PM
Post: #3
RE: Prevent the bypassing of administrator password
(05-31-2010 03:09 AM)techsniper Wrote:  You didn't mention your Windows version. Is it XP, vista or 7?

If yours is an administrator account. You should be able to delete his newly created account with administrator privileges. Sign in with your admin account.

Go to start -> run -> control userpasswords2

There in user accounts, you can remove or set his user account. If this gives any error, let me know.

It appears that he's been using password cracking tools that read and decrypt password hash files. There is nothing much you can do in that case.

Windows XP passwords are hashed using LM hash and NTLM hashes. The hashes are stored in c:\windows\system32\config\SAM. SAM file is encrypted and is locked while Windows is running. To get the passwords, you need to shutdown Windows, decrypt the SAM file, and then crack the hashes.

This cracking is further made easy if you have a working CD drive (many password cracking programs boot through CDs) or USB slots (helps in booting through flash drives). Increasing password complexity to more than 14 characters with a mix of digits, alphabets & special characters would make it harder to crack but its' not fool-proof.

http://support.microsoft.com/kb/299656/

You could also try restricting his user account to a restricted users account & wish password cracking programs would not run in that but I seriously doubt so.

Thank you very much. The machine runs windows Vista. I went to "account management" from "control panel", but it seems that I can modify every user account except the one created by my cousin. For other user accounts, I can see the option "delete account", which has not shown up in that account.
Find all posts by this user
Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 1 Guest(s)