Windows Password Loophole
a. ok now, what you need to do is to run compmgmt.msc
b. and click on local users and groups.
c. once you’ve gotten here you need to open up the ‘users’ folder.
at this point i am walking along with you and notice that there are several
major security holes dealing specifically with the password:
1. double clicking on the any user name allows you a list that looks
something like this:
“user name”
full name: ———————–
|__________________|
description: ———————–
|__________________|
–
|_| user must change password at next logon
–
|_| user cannot change password
–
|/| password never expires
–
|_| account is disabled
–
|_| account is locked out
“ok” “cancel” “apply”
ok if you can get past my cheesy drawing, i must ask, did you notice that
the “password never expires” box is checked? if you did, then you may have
realized that this means that you can also uncheck it!
2. if ure paying attention, you’ll see that the ‘user must change password
at next logon’ box is unchecked. if you put a check in this box of course,
when you shut down the system will prompt for a new password!
3. going back to step c.,
right click on any account and notice the dialoge that appears:
set password…
all tasks
delete
rename
properties
help
i think you can handle it from here
ps. i wonder if you can access this data if this stuff is locked to the user
by the admin by going in through the command prompt. i doubt it but if neone
finds a way let me know.
Popularity: 1% [?]
Enjoyed this article? Subscribe to Hacking Truths and get daily updates about new cool websites and programs in your email for free.
My name is Ashik a.k.a. "Hungry Hacker". I am student of Computer Engineering from Institute of Technology, Nirma University, Ahmedabad. I am addicted to Internet and always in search of Hacks. According to me,
Please contact me, I need to obtain something from a gmail I am unable to access. The password is buried somewhere in my laptop along with the answer to the secret question. The passwords I can obtain via firefox are no longer valid.
Note : If you have any Query related to the above Article please Post it to the Support Forum.
Leave your response!