Saturday, October 07, 2006

Probably your administrator password is not a sicret

Windows passwords are accessible to anyone. Often the professionals who are specialized in solving common computer problems often have by hand Knoppix CD. With this CD they are able to copy all nessessary information from one computer with windows installed and also they are able to discover the administrator’s password on almost every windows OS

The first question I have asked myself was: This passwords have to be encrypted! How is that possible? After small research I found the simple answer - there is an option to encrypt the passwords with windows but this option is disabled by default.

You can find this option like this:
settings -> control panel -> administrative tools -> local security policy -> local policies -> account policies -> password policy -> store password using reversible encryption…

I think that 99% of the computers still have this option disabled. So this passwords are not a secret to anyone able to run live Linux CD

So if you want to keep secrets on your PC you have to think about installing encryption program like cryptainer (free version limited up to 25MB) or even better solution the GPL program TrueCrypt - absolutely free and unlimited and with more options.

No comments: