Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How secure are Windows Logon Passwords


  • Please log in to reply
12 replies to this topic

#1 Warthog-Fan

Warthog-Fan

  • Members
  • 290 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Endicott, NY
  • Local time:09:19 PM

Posted 02 November 2015 - 09:09 PM

I have a computer running Windows 7 Pro 32-bit. My wife and I both have User accounts, and there is a separate Administrator account which seldom gets used. The Administrator account and my User account are both password-protected. My wife doesn't use a password on her User account.

 

My question is, how secure are the account passwords? Is it easy for a knowledgeable person to work around them and gain access to information in the user's account? And since my wife's User account does not have a password, does this make the entire system more vulnerable?

 

Thanks in advance.


Edited by hamluis, 03 November 2015 - 09:11 AM.
Moved from Win 7 to Gen Security - Hamluis.


BC AdBot (Login to Remove)

 


#2 JohnC_21

JohnC_21

  • Members
  • 23,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:19 PM

Posted 02 November 2015 - 09:22 PM

They are pretty much useless. You can reset the password or enable the hidden administrator account with a bootable disk . You can also boot the computer with a linux disk to access the contents of the hard drive. Even if the computer had SecureBoot enabled to prevent a linux disk from booting you can access bios if it does not have a password and disable it, You can remove the drive and attach it to another computer to explore the contents of the drive. 

 

It is safer to have a strong password on an account. If browsing the UAC comes up asking for a password you just can't press okay and override the UAC prompt. You have to thing and type in the password. A UAC popping up during a browsing session is a big red flag.

 

The only safe way to protect your personal data is to encrypt it.



#3 softeyes

softeyes

  • Members
  • 1,529 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:19 PM

Posted 02 November 2015 - 09:47 PM

IMO...Account passwords are to protect those who are roaming about your house; office etc. It would be quite odd, that there would be an opportunity for the average user, to have anyone compromise their computer by figuring out your admin. our user account password.

If the computer is hacked, the "hackers" would not have a care in the world what password(s) you have created?

 

The only reason I have my admin. account with a password; and my screen saver set to ask for a password after <however minutes> is to maintain privacy, and a sense of security within my household.

 

Safe computing is the best over all, regardless of your log-in password.

 

Again..just my opinion.



#4 JohnnyJammer

JohnnyJammer

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:11:19 AM

Posted 02 November 2015 - 10:11 PM

JohnC, have you ever used SySKey? Not sure if booting into Hirens would get aroudn that as the SAM would be hashed!

Plus you can always encrypt the harddrive as well.



#5 Warthog-Fan

Warthog-Fan
  • Topic Starter

  • Members
  • 290 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Endicott, NY
  • Local time:09:19 PM

Posted 03 November 2015 - 07:56 AM

Thanks for all of the replies and information.



#6 JohnC_21

JohnC_21

  • Members
  • 23,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:19 PM

Posted 03 November 2015 - 08:23 AM

JohnC, have you ever used SySKey? Not sure if booting into Hirens would get aroudn that as the SAM would be hashed!

Plus you can always encrypt the harddrive as well.

I have not used it but I think Hirens could still access the contents of the drive, but not overcome the login password. Syskey can be disabled using the offline registry editor but it is dangerous.

 

http://blogs.msmvps.com/sp/2008/01/27/disabling-syskey-startup-password/


Edited by JohnC_21, 03 November 2015 - 08:23 AM.


#7 softeyes

softeyes

  • Members
  • 1,529 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:19 PM

Posted 03 November 2015 - 10:58 AM

Gents: please educate me...what/how is the SySkey? Does it protect user account passwords. Apologies if I seem lazy and not do a Google search, as you both know about this..I'd love to understand!  Heck..anything that can help with user passwords as the OP is talking about would be brilliant!!! soft



#8 JohnC_21

JohnC_21

  • Members
  • 23,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:19 PM

Posted 03 November 2015 - 11:11 AM

Syskey basically encrypts the SAM database which requires another password before Windows loads. Sometimes used by the people calling pretending to be Microsoft support to lock you out of the computer. You can usually fix it by restoring the SAM hive from the registry backup.

 

Syskey_screenshot_on_Windows_XP.jpg



#9 softeyes

softeyes

  • Members
  • 1,529 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:06:19 PM

Posted 03 November 2015 - 02:27 PM

@JohnC_21 ..Thank you for the information <eyes wide open...perhaps if I read this 100 times I'll get it!>

 

(@Warthog-Fan...I hope you don't think I am hijacking your thread! The information they provided to "you" was most interesting to me, thanks)



#10 RolandJS

RolandJS

  • Members
  • 4,517 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Austin TX metro area
  • Local time:08:19 PM

Posted 03 November 2015 - 02:53 PM

At what point is the SAMS hive password entered?


"Take care of thy backups and thy restores shall take care of thee."  -- Ben Franklin revisited.

http://collegecafe.fr.yuku.com/forums/45/Computer-Technologies/

Backup, backup, backup! -- Lady Fitzgerald (w7forums)

Clone or Image often! Backup... -- RockE (WSL)


#11 JohnnyJammer

JohnnyJammer

  • Members
  • 1,117 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:QLD Australia
  • Local time:11:19 AM

Posted 03 November 2015 - 05:52 PM

I knew that hirens (Any device realy) can access the drive of the computer and generally you will find the restore keys under (C:\Windows\System32\config\RegBack) but i wasnt sure if you encryptred the drive with say true crypt you could access that folder to do a restore of the hive.

 

Roland not sure what you mean mate.

 

I note that some military agencies have used SySkey before to harden the machine.


Edited by JohnnyJammer, 03 November 2015 - 05:52 PM.


#12 JohnC_21

JohnC_21

  • Members
  • 23,264 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:19 PM

Posted 03 November 2015 - 06:24 PM

If a person encrypts their drive with truecrypt or veracrypt nothing would be able to touch it.



#13 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,281 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:19 PM

Posted 04 November 2015 - 05:33 AM

Password Resources
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users