Can't get passed password

Hi! I've been in the center of a similar thread before and I've also been questioned about my motives on why I'd like to have the password on the PC I was working on reset or replaced. The moderators and a few others were good-natured, though, so there were no hurt feelings. However, someone who is good enough to butt in reasoned out that these sort of information isn't at all a big secret in the web and, perhaps, a URL might end up the thread in good faith. I got into where he pointed me out and I solved my problem. Perhaps, I could do the same with you since no one protested with the idea before. Here it is, and you may help yourself...

http://www.shebeen.com/bootdisk.htm

Just to throw in my $0.02, I agree that we need to be responsible when addressing certain topics, but it's worth pointing out that Microsoft's own online Knowledge Base provides instructions for bypassing lost passwords.

I think info like this needs to be shared (to a certain extent) because people need to be aware of where their system's security deficiencies are, and Microsoft isn't always forthcoming with that info. Win2K's default security settings, even with NTFS, presumes that potential attackers will not have physical access to the system. It could be eye opening for the majority of users to realize that even a moderately experienced user could gain access to a default Win2K setup within a manner of minutes, if they have physical access.

Administrators need to realize that simple steps, such as locking down the BIOS and disabling booting from a floppy or CD-ROM, greatly enhance the security and integrity of their systems. Notebook users in particular should be taking extra steps, such as enabling NTFS encryption, to protect their systems, to ensure that their business files are not accessible on a stolen notebook even if the passwords are bypassed.

For that same reason, home users may want to take extra steps as well. I'm sure there are a lot of people out there storing sensitive personal information on their PC's that they would not want people having access to in the event their system is ever stolen (or even serviced). There was an interesting article on CNet recently that outlined how easy it was for a couple of researchers to scour old hard drives for personal information (http://news.com.com/2100-1040-980824.html ), it could just as easily apply to a stolen PC or hard drive.

Anyways, sorry for rambling, I just happen to be in the middle of putting a presentation together on network security so this thread struck a cord. Like I said, just my $0.02...

KV

Hi KV I understand where your coming from but I must point out if you read the requests they leave one suspicious in the way they are written,which may well be in all innocence,but to me they fly a red flag.

My 10 cents worth (inflation, ya know) I don't really feel that the personal attacks on drpcbinder were fair or justified. Even if he is up to no good, you guys have no solid evidence of that. Remember the principle our legal system is built upon: Innocent until proven guilty.

My tone was not to attack anybody and I appologise if anybody feels offended.
I am merely pointing out why there was and still is doubt in my mind as to the validity of the post.

In some cases gut feeling goes a long way.

Thanks all. I got it done. Just thought it would have been faster here. It's a Dell laptop. I called the computer people and they told me how to get into the bios for the Dell (hit F2 when booting up). From there I changed the bios to boot up to the CD. Then I reformatted and installed XP. That’s all I wanted to do. Just for the record and I know I can't prove it without getting lengthy with my knowledge. I am a DEA Agent and if I wanted to lie about something don't you think I would pick something more Spy like, like the CIA, NSA or FBI. My grammar and spellings not the best but that’s what computers are for (hehehe). Thanks again for all who helped, Rob

How bizarre.

I bet the former owner of that laptop has a solid lawsuit if he can find a good lawyer. Even if I'm a drug dealer, that doesn't give the DEA the right to drop my contact list, emails, phone number, possibly credit card info, SSN, internet browsing history, etc. into the lap of an agent/employee who has no business in that information whatsoever. I hope he installed a homing beacon on the laptop before it left.

If it was confiscated, why wouldn't the DEA try to crack it first? And I know for a fact, HDs that hold nonclassified data from the US government are triple-wiped before auction, and HDs with classified data are shredded. Now, what happens to private sector HDs I'm not certain on.