Forgotten administrator password in Windows 2000 Pro

I see that there are several ways around a forgotten Administrator password in Windows 2000.  Is there any way of locking down the O/S so that someone surfing the 'Net can't find the same information I did and thus remove or change the Administrator password?
jlodataAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
McKnifeConnect With a Mentor Commented:
The password protection of the bios is easy, there is a security menu in every bios or at least a submenu security.
You should set the computer to only boot from the harddrive, lock bios settings and then lock/seal the case of your computer.
Then, if no other user but you is admin, you have a real chance that it will stay like this :)
0
 
johnb6767Commented:
There are several types of monitoring solutions for the gateway, Like SonicWall and Websense.

However, almost all of the methods out there require physical access (or in a few rare cases remote registry , or admin share access). Physical security would be more important in my view. Dont allow the workstations to boot from the CD, and that will thwart alot of attacks (password protect the BIOS Setup, to prevent them from changing it back). Dont forget the physical layer of security as well, in terms of keeping important servers and workstations out of reach, behind locked doors...
0
 
MnfCommented:
you can't lucking down the os for removing te admin password
as you noticed all the ways depinding on the physical access to the pc.
so preventing the access will reduse the chanse (or even block) to reset the admin pass.
even make your password hard to guess is the other important way to make it more and more difficult for hacker to guess the pass
try to make your pass a compination of (numbers,capital alphabetical and small,and some of the sympoles "*/?.-=+&%#@!")
and if you can make it long (more than 14 character in the password make some programs that use the brute force to guess the passwrod not even wrok)

Best regards
0
Building an Effective Phishing Protection Program

Join Director of Product Management Todd OBoyle on April 26th as he covers the key elements of a phishing protection program. Whether you’re an old hat at phishing education or considering starting a program -- we'll discuss critical components that should be in any program.

 
jlodataAuthor Commented:
Thanks for the help so far guys!

Limiting physical access is not an option in this case as this is a PC in a home with several people in residence.  I thought I had resolved the issue of "computer misuse" by requiring a login and password, until the "abuser" was able to strip the administrator password and thus ultimately gain the access I wished to deny.

How do you go about setting the workstation so that it won't boot from the CD?  Additionally, how do you password protect the BIOS?

I'm sure these are rudimentary questions for most of you.  But I'm a software application expert who doesn't know all the finer points of O/S & BIOS settings.
0
 
johnb6767Commented:
The key word in McKnife's statement there for a home user, is
"lock/seal the case of your computer"

Then, if they still get into the case, fire them.
0
 
johnb6767Commented:
and get your PC back, before you do......Tell them its for maintenance.....Have them bring it in, and then fire them...
0
 
orangutangCommented:
But what's the point of that? Anyone can go home and search. The best way is to create a long and strong password that would take forever to brute force but someone can always remove the password with a certain floppy disk. I've read somewhere that you'll lose encrypted files if you reset the password so I don't know if that would help.
0
 
johnb6767Commented:
BTW, to clarify the purpose of this statement....

""lock/seal the case of your computer""

So they cant reset the BIOS, to restore the boot to removable media....

And yes, encrypted files would be lost of they were created by Administrator.
0
 
orangutangCommented:
Oh, yeah, that's a good idea, you can password protect your bios and lock your CPU using certain hardware  so no one can open it.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.