Re: [NTLK] NBU, NCK et al: Beware of Windows XP restore points

From: Tony Morrow <gizmo1482_at_gmail.com>
Date: Sat Mar 14 2009 - 23:40:17 EDT

On Mar 14, 2009, at 11:13 PM, Dan wrote:

> But I also didn't know that MICROSOFT actually said "here this is how
> you erase your passwords". Talk about security (NOT). Really a
> shame.
> Last time I checked into this (granted it was a few years ago)
> their
> stance was..."sorry you need to reinstall". I guess they got so many
> support calls for this problem that they created this tool? And
> here I
> was always told that it was a 'hack' lol (well I am sure the one I
> have
> is a 'hack' that I downloaded in case my customers, or myself, ran
> into
> a password problem).

The password reset disk you create is specific to that user account.
So its not like you can create the disk and walk up to any random
computer and login. Its more of a preemptive step incase you ever
need to access the computer and have forgotten your password. If you
change your password then I think you even have to recreate the disk.
There are, however, tools out there that can be used to erase the
password off a user account. They do this by messing with the SAM
files and password hashes. But if you encrypted files using XP Pro's
built-in utility then those files are rendered unreadable (since
access is based on the user and the user's password). Truth is, there
is always a way around security. You just have to ask "how?" and "how
long?"

-Tony

====================================================================
The NewtonTalk Mailing List - http://www.newtontalk.net/
The Official Newton FAQ - http://www.splorp.com/newton/faq/
The Newton Glossary - http://www.splorp.com/newton/glossary/
WikiWikiNewt - http://tools.unna.org/wikiwikinewt/
====================================================================
Received on Sat Mar 14 23:40:27 2009

This archive was generated by hypermail 2.1.8 : Sun Mar 15 2009 - 15:30:00 EDT