password probs, poss 2K

Hello,

Windows 2000 and XP are operating systems that seek authentication before allowing a user to continue. This is a security model, and it is used to isolate users from each other. It also allows different users to customize their machines in their own personal way. Linux and Mac OS X have a similar user model.

If your friend remembers the Administrator information (username / password), then that account can be used to reset passwords. If there are any other administrators enabled on that machine, those accounts can also reset passwords. This is why it is really dangerous programming model to almost require users to be local administrators -- there are packages out there that insist that the local user must be a local administrator.

If not, there are tools out there to crack the password, and if that is what you intend on doing, you may research it elsewhere -- we do not discuss those particulars at DaniWeb.

I would suggest that if your friend does not remember the passwords, that you re-format the box and start over. I do not think Windows Repair changes the password file.

And as a side note to you... unless you have the physical security of a vault, I would not enable auto-login. UNless you have nothing of value on the box. It is a sure invitation to problems.

Christian

His computer is for home use, not office, but again, he's Mexican and I'm born and raised in the US, so English translation and his expertice level may have me at a disadvantage right now. Either way, it sounds like he may need expert attention. I doubt he'd like to lose anything by restoring the OS.

I use auto-log in for trusted sites, as I recently went into my own PC naming URLs I frequently post at in HTML.
I started out at Usenet, but gave that up as it's ripe for spam and trash-talk

I have an included security setup via Compaq with my new computer, along with AOL and McAfee, however, I have not paid for any protection software out of pocket. Recently I had spyware/Trojan attack cost me $140 to debug though.
By 'box' you refer to the PC's physicals?
BILL

Hello,

By box, I am referring to the data on the hard drives. I also hold the opinion that household devices should be secured. It is possible that had you not been a local administrator, that the buggings would not have happened, and you could have saved the $140.

Christian

Of course they were using local admin...what do you use? When I get on my computer I don't want to be told I'm not allowed to do things - but then again I can fix problems that arise from my use and I'm aware of the risks I take.

No offense but since when do we not discuss particulars of resetting passwords here? Everyone knows about: http://home.eunet.no/~pnordahl/ntpasswd/

...it should be mentioned that the *free* password reset utilities like the one above tend to break Windows. *None* of these utilities should be used except as a last resort. Emergency Recovery Disk is another, more reliable utility that can be used to reset admin passwords but a proper licensed version will set you back somewhere around $150/user -which is way cheaper than it used to be...it's been years since I used it - used to be like $600/user: http://www.winternals.com/products/repairandrecovery/erdcommander2002.asp?pid=erd

I think the utilities are purposely expensive to detract the lazier/broke community of unauthorized/unskilled users from using a utility like this to gain access.

Unless user level data encryption was set, which I don't think should be an issue on Windows 2000, one could just do a parallel install of Windows and retrieve files that way...make backups of data to cd and then reinstall Windows and this time take note of the admin password!