Originally posted by: Zolty
lots, you arent going to break it
just reformat or view the drive with knopix
Actually if the passwords are weak they can be broken surprisingly easily. Yet another reason strong passwords are a must.Originally posted by: kylebubp
I wouldnt bother...
YOU CAN"T BREAK IT!!11!!
Originally posted by: spyordie007
Actually if the passwords are weak they can be broken surprisingly easily. Yet another reason strong passwords are a must.Originally posted by: kylebubp
I wouldnt bother...
YOU CAN"T BREAK IT!!11!!
Originally posted by: spyordie007
Actually if the passwords are weak they can be broken surprisingly easily. Yet another reason strong passwords are a must.Originally posted by: kylebubp
I wouldnt bother...
YOU CAN"T BREAK IT!!11!!
Originally posted by: kylebubp
Originally posted by: spyordie007
Actually if the passwords are weak they can be broken surprisingly easily. Yet another reason strong passwords are a must.Originally posted by: kylebubp
I wouldnt bother...
YOU CAN"T BREAK IT!!11!!
Yeah, I know. I was being sarcastic. It takes bout 1 minute to crack a simple password with L0phtcrack. Thats why on Windows machines I typically just type a line out of a song or something with correct punctuation and spaces for my password. Have fun trying to crack a 25 character password with spaces. Hell, might even throw an ASCII character in as well, just for fun.
Have fun trying to crack a 25 character password with spaces.
Takes about 5 minutes of physical access to the PC and all of the passwords are bypassed, which means all the encrypted files (MS) are also visible.
Microsoft Support: How to prevent Windows from storing a LAN Manager Hash...Originally posted by: Nothinman
Unless you've told the system not to generate legacy LANMAN hashes, you're still screwed.
"Method 3: Use a Password That Is at Least 15 Characters Long
The simplest way to prevent Windows from storing an LM hash of your password is to use a password that is at least 15 characters long. In this case, Windows stores an LM hash value that cannot be used to authenticate the user."
Originally posted by: Nothinman
"Method 3: Use a Password That Is at Least 15 Characters Long
The simplest way to prevent Windows from storing an LM hash of your password is to use a password that is at least 15 characters long. In this case, Windows stores an LM hash value that cannot be used to authenticate the user."
If that's true, why do they store anything at all?
Originally posted by: spyordie007
I like to randomly generate them, here is a decent web-based generator for those who need one:
<a target=_blank class=ftalternatingbarlinklarge href="https://www.winguides.com/security/password.php"><a target=_blank class=ftalternatingbarlinklarge href="https://www.winguides.com/security/password.php">https://www.winguides.com/security/password.php</a></a>
I suggest:
1. Randomize the local admin account's password (something long and complex)
2. Store the password offline in a physically secure location (i.e. a safe)
3. Disable the local admin account (it will still work if you need it for safe mode or the recovery console, this prevents it from getting used normally)
4. If it's a domain member use restricted groups from group policy to ensure compliance of the "Administrators" and "Power Users" groups
5. Take a 5 minute break and pat yourself on the back
-Erik
I'm assuming because the LM hash is provided for backwards compatability and since Win 95/98 doesnt support more than 14 charactors for a password on a NT system there would be no reason to try and create a LM hash if your password was longer (because you wouldnt be able to connect anyways).Originally posted by: Nothinman
"Method 3: Use a Password That Is at Least 15 Characters Long
The simplest way to prevent Windows from storing an LM hash of your password is to use a password that is at least 15 characters long. In this case, Windows stores an LM hash value that cannot be used to authenticate the user."
If that's true, why do they store anything at all?
I'm assuming because the LM hash is provided for backwards compatability and since Win 95/98 doesnt support more than 14 charactors for a password on a NT system there would be no reason to try and create a LM hash if your password was longer (because you wouldnt be able to connect anyways).