Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Break XP Passwords

Posted on 2011-09-03
15
Medium Priority
?
294 Views
Last Modified: 2012-05-12
I have some compters that are on a domain and I have the domain login info but not the local login info such as admin.

What is the best way to break the local password? Is there a way to do it once logged into the domain?
0
Comment
Question by:ATL74
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +4
15 Comments
 
LVL 98

Accepted Solution

by:
John Hurst earned 544 total points
ID: 36478032
If you have the domain administrator permission, you can log into the XP machine and then change the local administrator password.   ... Thinkpads_User
0
 
LVL 37

Assisted Solution

by:Neil Russell
Neil Russell earned 184 total points
ID: 36478034
You can use a domain group policy to set Local user accounts and passwords. Or user the Group polict to add yourDomain administrator account to the computers Local Administrators Group. Then you will have permissions to reset/change local passwords.

REMEMBER

Changing a users password manually CAN result in them losing access to ALL there previuosly saved data in their profile.
0
 
LVL 10

Assisted Solution

by:Arman Khodabande
Arman Khodabande earned 184 total points
ID: 36478169
This may help you:
http://www.petri.co.il/forgot_administrator_password.htm

Or you can download the following file:
[LINK REMOVED TO AN UNIDENTIFIED SOFTWARE]

Just Change the extension from Jpeg to ISO and burn it to a CD and boot the computer to change password.

This may also help you :
http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Windows/XP/Q_27268116.html
0
Looking for a new Web Host?

Lunarpages' assortment of hosting products and solutions ensure a perfect fit for anyone looking to get their vision or products to market. Our award winning customer support and 30-day money back guarantee show the pride we take in being the industry's premier MSP.

 
LVL 10

Assisted Solution

by:abbright
abbright earned 364 total points
ID: 36478361
The passwords are stored in a hashed format on the local computer which means that you cannot "break" the password directly. [MODERATOR EDIT]. If you just need to get access to the accounts you can reset the passwords being domain administrator as the first comment already stated.
0
 
LVL 3

Assisted Solution

by:pma111
pma111 earned 364 total points
ID: 36483467
If you systems are based on an image dont be suprised if the local admin password is the same for all machines? So do you have any admin password?

I assume putting or naming tools is a no go but if you google:

[MODERATOR EDIT]
0
 
LVL 3

Assisted Solution

by:pma111
pma111 earned 364 total points
ID: 36484733
But not quite ;)
0
 
LVL 32

Assisted Solution

by:aleghart
aleghart earned 360 total points
ID: 36497430
The question was answered the first time.  If you are the domain administrator, you don't need to break anything.  Login as the domain admin and change the local administrator password.  Disable or delete any other accounts that have local admin rights.

If you fear loss of encrypted files because a local user is using password protection, then just disable those accounts until the user can contact you to retrieve the files and move them to a domain account.

Straightforward.  No need for hacking tools.
0
 

Author Comment

by:ATL74
ID: 36498004
Is there a way to sync the local admin account password with a domain admin account.

Example Local admin password / hill

Domain admin password / hill

Change domain admin passoword to apple and the local is still hill. Is there a way to make the local change with the domain.
0
 
LVL 98

Assisted Solution

by:John Hurst
John Hurst earned 544 total points
ID: 36498054
>>> Is there a way to sync the local admin account password with a domain admin account.

The two things are different. The passwords can be the same, but they do not sync. They are designed to stand apart and be distint. ... Thinkpads_User
0
 

Author Comment

by:ATL74
ID: 36498961
Is it a good or Bad practice to make them the same and Why?
0
 
LVL 98

Assisted Solution

by:John Hurst
John Hurst earned 544 total points
ID: 36499027
I keep server (domain) passwords different that PC passwords as matter of logical security. I would view making them the same as bad practice in general. ... Thinkpads_User
0
 
LVL 10

Assisted Solution

by:abbright
abbright earned 364 total points
ID: 36500878
I'd consider those XP-passwords only emergency, recovery passwords. Usually since the machines are joined to the domain the domain-admins's account is sufficient for all tasks. So keep the XP passwords secure (only for the people who deploy the machines initially) but don't use them for everyday administration. And keep the domain admin's password different. One reason might be that it might happen that a user far away without network access on his laptop needs for whatever reason administrative access to the machine and the only way is the XP-admin's password to achieve this. If the domain admin's password was the same you'd have a problem. So if you can afford it you could even have a different XP admin's password on every machine, but this would increase administrative overhead of course. It's all a matter convenience vs. security.
0
 
LVL 32

Assisted Solution

by:aleghart
aleghart earned 360 total points
ID: 36501238
Compromised domain passwords can be changed quickly in one place.  Local passwords not so easy, especially at remote sites or mobile users.  There is no "sync" between domain & local.
0

Featured Post

Learn Veeam advantages over legacy backup

Every day, more and more legacy backup customers switch to Veeam. Technologies designed for the client-server era cannot restore any IT service running in the hybrid cloud within seconds. Learn top Veeam advantages over legacy backup and get Veeam for the price of your renewal

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ransomware, the malware that locks down its victim’s files until they pay up, has always been a frustrating issue to deal with. However, a recent mobile ransomware will make the issue a little more personal… by sharing the victim’s mobile browsing h…
What we learned in Webroot's webinar on multi-vector protection.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

610 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question