Solved

Forgotten administrator password in Windows 2000 Pro

Posted on 2006-10-31
9
169 Views
Last Modified: 2013-12-04
I see that there are several ways around a forgotten Administrator password in Windows 2000.  Is there any way of locking down the O/S so that someone surfing the 'Net can't find the same information I did and thus remove or change the Administrator password?
0
Comment
Question by:jlodata
9 Comments
 
LVL 66

Expert Comment

by:johnb6767
ID: 17844131
There are several types of monitoring solutions for the gateway, Like SonicWall and Websense.

However, almost all of the methods out there require physical access (or in a few rare cases remote registry , or admin share access). Physical security would be more important in my view. Dont allow the workstations to boot from the CD, and that will thwart alot of attacks (password protect the BIOS Setup, to prevent them from changing it back). Dont forget the physical layer of security as well, in terms of keeping important servers and workstations out of reach, behind locked doors...
0
 
LVL 6

Expert Comment

by:Mnf
ID: 17844295
you can't lucking down the os for removing te admin password
as you noticed all the ways depinding on the physical access to the pc.
so preventing the access will reduse the chanse (or even block) to reset the admin pass.
even make your password hard to guess is the other important way to make it more and more difficult for hacker to guess the pass
try to make your pass a compination of (numbers,capital alphabetical and small,and some of the sympoles "*/?.-=+&%#@!")
and if you can make it long (more than 14 character in the password make some programs that use the brute force to guess the passwrod not even wrok)

Best regards
0
 

Author Comment

by:jlodata
ID: 17845620
Thanks for the help so far guys!

Limiting physical access is not an option in this case as this is a PC in a home with several people in residence.  I thought I had resolved the issue of "computer misuse" by requiring a login and password, until the "abuser" was able to strip the administrator password and thus ultimately gain the access I wished to deny.

How do you go about setting the workstation so that it won't boot from the CD?  Additionally, how do you password protect the BIOS?

I'm sure these are rudimentary questions for most of you.  But I'm a software application expert who doesn't know all the finer points of O/S & BIOS settings.
0
 
LVL 53

Accepted Solution

by:
McKnife earned 125 total points
ID: 17845701
The password protection of the bios is easy, there is a security menu in every bios or at least a submenu security.
You should set the computer to only boot from the harddrive, lock bios settings and then lock/seal the case of your computer.
Then, if no other user but you is admin, you have a real chance that it will stay like this :)
0
Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

 
LVL 66

Expert Comment

by:johnb6767
ID: 17846051
The key word in McKnife's statement there for a home user, is
"lock/seal the case of your computer"

Then, if they still get into the case, fire them.
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 17846056
and get your PC back, before you do......Tell them its for maintenance.....Have them bring it in, and then fire them...
0
 
LVL 22

Expert Comment

by:orangutang
ID: 17860171
But what's the point of that? Anyone can go home and search. The best way is to create a long and strong password that would take forever to brute force but someone can always remove the password with a certain floppy disk. I've read somewhere that you'll lose encrypted files if you reset the password so I don't know if that would help.
0
 
LVL 66

Expert Comment

by:johnb6767
ID: 17860319
BTW, to clarify the purpose of this statement....

""lock/seal the case of your computer""

So they cant reset the BIOS, to restore the boot to removable media....

And yes, encrypted files would be lost of they were created by Administrator.
0
 
LVL 22

Expert Comment

by:orangutang
ID: 17860348
Oh, yeah, that's a good idea, you can password protect your bios and lock your CPU using certain hardware  so no one can open it.
0

Featured Post

Superior storage. Superior surveillance.

WD Purple drives are built for 24/7, always-on, high-definition security systems. With support for up to 8 hard drives and 32 cameras, WD Purple drives are optimized for surveillance.

Join & Write a Comment

Suggested Solutions

Many people tend to confuse the function of a virus with the one of adware, this misunderstanding of the basic of what each software is and how it operates causes users and organizations to take the wrong security measures that would protect them ag…
Recently, I read that Microsoft has analysed statistics for their security intelligence report. It revealed: still, the clear majority of windows users do their daily work as administrator. An administrative account is a burden, security-wise. My ar…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now