Advice on removing a start-up password
Bill Stanley
bstanle at wowway.com
Sat Aug 9 17:20:50 UTC 2014
On 08/09/2014 01:11 PM, Brandon Vincent wrote:
> While I discourage this thread because of the intent and purpose of
> this list, let me explain what is going on.
>
> Syskey was introduced in Windows NT 4.0 to protect the SAM database
> (the storage location for password hashes in Windows) from being
> accessed offline and cracked. When a syskey password is set, the
> password database in Windows is encrypted with 128-bit RC4. With
> subsequent reboots, Windows will prompt you for this password so that
> it can read the password database and the system can be used normally.
>
> To remove the syskey encryption on the SAM you need to wipe out the
> database and reset all user passwords since decryption of the SAM
> would require knowledge of the original encryption password. A
> reputable tool for doing this which has been around for a while is
> ntpasswd (the screenshots from the link you provided is of this tool,
> but please download it from the original developer for integrity
> purposes):
>
> http://pogostick.net/~pnh/ntpasswd/
> <http://pogostick.net/%7Epnh/ntpasswd/>
>
> After you've reset the SAM, please backup critical data and either
> reinstall the operating system (the OS should be considered
> compromised) or install something far more secure like GNU/Linux.
>
> Please post future Windows issues to a Microsoft specific mailing list
> or forum.
>
> Brandon Vincent
>
>
WS=> Thanks, I was looking for some advice and you on the forum
responded. I now know that I am on the right track.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20140809/67cb4227/attachment.html>
More information about the ubuntu-users
mailing list