Advice on removing a start-up password
Brandon Vincent
Brandon.Vincent at asu.edu
Sat Aug 9 17:11:38 UTC 2014
While I discourage this thread because of the intent and purpose of this
list, let me explain what is going on.
Syskey was introduced in Windows NT 4.0 to protect the SAM database (the
storage location for password hashes in Windows) from being accessed
offline and cracked. When a syskey password is set, the password database
in Windows is encrypted with 128-bit RC4. With subsequent reboots, Windows
will prompt you for this password so that it can read the password database
and the system can be used normally.
To remove the syskey encryption on the SAM you need to wipe out the
database and reset all user passwords since decryption of the SAM would
require knowledge of the original encryption password. A reputable tool for
doing this which has been around for a while is ntpasswd (the screenshots
from the link you provided is of this tool, but please download it from the
original developer for integrity purposes):
http://pogostick.net/~pnh/ntpasswd/
After you've reset the SAM, please backup critical data and either
reinstall the operating system (the OS should be considered compromised) or
install something far more secure like GNU/Linux.
Please post future Windows issues to a Microsoft specific mailing list or
forum.
Brandon Vincent
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20140809/cd175411/attachment.html>
More information about the ubuntu-users
mailing list