A list of the user accounts found in the SAM file will be displayed.
Check the ones you wish to attempt to discover passwords for.
Click the 'brute force attack' tab, then check the 'all digits (0-9)' box
unless you are sure the password you need did not contain numbers.
Click the 'start recovery' icon on the toolbar. Please note that
cracking the password may take anywhere from 10 minutes to several hours, if it
works at all. Complex passwords with different cases and numbers will take
much, much longer to crack.
On an other note, if you just want to see how good you
own password choices are, you can always follow the steps mentioned above and
try to crack your operating system's SAM file as means of conducting your own
personal security audit. If you have a Windows password like "cat", chances are it will take only a few moments
for the software to discover it. There's also a certain amount of satisfaction from
stumping the crack utility altogether, or at least keeping it crunching away
for a few days. ;-)
A note on security:
We hope this article
has been useful to you. As you can see, there are a
fair number of ways to get around Windows 2000/XP's password security
systems, especially if you have physical access to the computer in question.
To
protect yourself from having the techniques contained in this article used
against you maliciously, there are a few basic steps you should take.
Firstly, as we have said in several other articles you
must set secure passwords for all user accounts. As you have seen, it is quite
simple for password cracking programs to decipher normal dictionary
words.
Use
combinations of numbers and letters, including upper-case letters, to make more
secure passwords which will take a discouraging amount of time to crack.
In Windows XP, all accounts created during the install process have full
administrative privileges, and they do not have passwords by default. Fix
this.
Secondly, as you have seen in this article, there is no such thing as a
secure password if the potential intruder has physical access to your
computer. Keep this in mind, especially if your computers are exposed to
the public.
Find out about this and many other reviews by joining the Weekly
PCstats.com Newsletter today!
RSS Newsletter
