Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: Have you ever lost or forgotten a user password?

  1. #1
    Senior Member
    Join Date
    Nov 2001
    Posts
    742

    Have you ever lost or forgotten a user password?

    Originaly from Mark Joseph Edwards, Windows & .NET Magazine Security UPDATE

    Have you ever lost or forgotten a user password? Several tools are available that can help you in those situations, including Peter Nordahl's Offline NT Password & Registry Editor tool (see the first URL below). Nordahl's tool is available in the form of a floppy boot disk image, which contains a single-floppy version of the Linux OS along with software that resets any valid user's password. The tool works on systems that have Syskey enabled--a nice touch--and you can also use the tool to disable Syskey. If you prefer to use a CD-ROM-based boot image, DMZ Services offers one that contains a mini-Linux boot image and Nordahl's password recovery software (second URL below). DMZ Services offers a shell script that can create the bootable International organization for Standardization (ISO)-based image and offers an ISO-based file (.iso) that you can burn directly onto a CD-RW using standard CD-RW burning software.

    http://home.eunet.no/~pnordahl/ntpasswd
    http://www.dmzs.com/tools/files

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Posts
    257
    I guess it's not common knowledge that NT can create such bootdisks on it's own.
    -Shkuey
    Living life one line of error free code at a time.

  3. #3

    Talking hehe

    Yups, happpens to me all the time. Not so much as with winblowz, but like with unix shells. Most of the time I end up haveing to re-register. But any who, thanks for the info.

    Remote_Access_

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Posts
    276
    *nod nod* Very useful, greenies for you
    Dear Santa, I liked the mp3 player I got but next christmas I want a SA-7 surface to air missile

  5. #5
    Senior Member
    Join Date
    Jan 2002
    Posts
    458
    I never lose paswords, cuz I write them on the botom of my keyboard

  6. #6
    Senior Member
    Join Date
    Nov 2001
    Posts
    257
    an NT bootdisk will not allow you to reset passwords you fool hence these tasty red points
    I prefer intelligent discussion over trying to make a point with antipoints, but whatever floats your boat. I'll just let microsoft prove you wrong on this one.

    http://www.microsoft.com/technet/tre...intain/erd.asp

    Microsoft's site is terrible, hard to find anything, but this page makes reference to the fact that their disk can reset passwords.
    -Shkuey
    Living life one line of error free code at a time.

  7. #7
    Senior Member
    Join Date
    Nov 2001
    Posts
    742
    Hello shkuey !

    I promised my self to not write anything down since I have a vacation, but this thread was so tempting that I had to make a post again. And I'm sorry if you got red points for your post in this thread.

    I have never denied that NT boot disk can reset passwords and be of great help. But almost no tool is that good that you would use it if you did not have to, and the tool I mentioned above is such a tool. It's still a beta or maybe even a alpha since their NTFS driver not is perfect.

    I would not use NT rescue disk either if I did not have to.

    Originally posted by shkuey


    I prefer intelligent discussion over trying to make a point with antipoints, but whatever floats your boat. I'll just let microsoft prove you wrong on this one.

    http://www.microsoft.com/technet/tre...intain/erd.asp

    Microsoft's site is terrible, hard to find anything, but this page makes reference to the fact that their disk can reset passwords.
    And now back to NT rescue disk, as I stated it's possible to restore password with it but you have to make a pair of rescue disks of every workstation since the rescue disks are "personal" and do only work on the computer you made them on (correct me if I'm wrong on this one). You also have to put them away in a wault or similiar since it's aint good to have the disks were everyone can use them.. We are talking security, yes?

    Anyway.. My posting was not to show you the perfect tool, and this tool is nice and scary at the same time.. With a bootable CD and SSH client at the CD together with all other tools this could be a nightmare for the administrator of a big network aswell as a minor company dealing with sensitive information.

    Now have I to take vacation for a few days, hope you all can sleep well tonight

  8. #8
    Senior Member
    Join Date
    Nov 2001
    Posts
    257
    You're correct, the bootdisks only work on the system that created them, or systems that were created via image(thus having the same security identifier). It's not an incredible security risk if somebody else were to use the disk, since it resets the password to something chosen beforehand and not whatever the user wishes (Not that you want people resetting your passwords either way).

    I agree, I would not use a windows recovery disk unless it was absolutely neccisary.
    -Shkuey
    Living life one line of error free code at a time.

  9. #9
    Originally posted by shkuey
    I guess it's not common knowledge that NT can create such bootdisks on it's own.
    Hmmmm shoot me for being stupid but I wasn't aware the erd could reset passwords. I read the article and I couldn't find the reference you talked about(Am I blind as well as stupid lol). I have used this tool here :

    http://www.winternals.com/products/r.../ntrecover.asp

    to reset passwords. I guess I could save a bundle. Could you please point out the reference? Thanx in advance.

  10. #10
    Senior Member
    Join Date
    Nov 2001
    Posts
    257
    Under the section "Other Handy Uses For An Emergency Repair Disk" it states:

    An up-to-date ERD will also prevent gray hairs when you need to reset the password to a previously used one. It can save you many hours you might otherwise spend reinstalling Windows NT and the associated programs on the workstation being recreated.
    It lacks details, but like I said, I can't find the details on microsoft's abysmal website. Basically these disks back up the registry, which stores previously used passwords (NT 4 remembers the last 3 by default, I think), and by restoring appropriate keys you can reset the password. It is not user friendly at all.

    I do concede that third party software is probably far more flexible to handle these things.
    -Shkuey
    Living life one line of error free code at a time.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •