Advice on removing a start-up password

Bill Stanley bstanle at wowway.com
Sat Aug 9 17:20:50 UTC 2014


On 08/09/2014 01:11 PM, Brandon Vincent wrote:
> While I discourage this thread because of the intent and purpose of 
> this list, let me explain what is going on.
>
> Syskey was introduced in Windows NT 4.0 to protect the SAM database 
> (the storage location for password hashes in Windows) from being 
> accessed offline and cracked. When a syskey password is set, the 
> password database in Windows is encrypted with 128-bit RC4. With 
> subsequent reboots, Windows will prompt you for this password so that 
> it can read the password database and the system can be used normally.
>
> To remove the syskey encryption on the SAM you need to wipe out the 
> database and reset all user passwords since decryption of the SAM 
> would require knowledge of the original encryption password. A 
> reputable tool for doing this which has been around for a while is 
> ntpasswd (the screenshots from the link you provided is of this tool, 
> but please download it from the original developer for integrity 
> purposes):
>
> http://pogostick.net/~pnh/ntpasswd/ 
> <http://pogostick.net/%7Epnh/ntpasswd/>
>
> After you've reset the SAM, please backup critical data and either 
> reinstall the operating system (the OS should be considered 
> compromised) or install something far more secure like GNU/Linux.
>
> Please post future Windows issues to a Microsoft specific mailing list 
> or forum.
>
> Brandon Vincent
>
>
WS=> Thanks, I was looking for some advice and you on the forum 
responded.  I now know that I am on the right track.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20140809/67cb4227/attachment.html>


More information about the ubuntu-users mailing list