hacking computer password

lola_run

I have a password to protect my laptop which runs on Windows Vista. I was wondering how easy it would be for someone to crack this password.

If my PC ever gets stolen, I want to make it as difficult as possible for anyone to hack into my information. Any tips?

KTRIC

Only way to stop access to a laptop is to put a BIOS password on it, if they don't know that then its useless. Some laptops even have security in the BIOS for the harddrive, so if its removed then they still can't access the data.

dlofnep

Very hard to "crack" the password, but alot easier to change the password. On the previous versions of windows (xp, 2k, nt) - this was easy to do with any other os and injecting new values into the file that stores the password using applications like ntpasswd and such. This couldn't be done when windows was running as the file was locked when the OS was running, hence the reason why you'd need to boot up using another operating system.. I'd assume it would be just as easy on Vista.

Hal1

Bios passwords are crackable, but some software companies provide software that can make it really difficult to gain access. But nothing is impossible.

Saruman

The only way i know the get past a Bios password is is the clear it with a hardware intervention. Uusually by moving a jumper. Desktpps all have easy access to this but laptops usually do not, but this is not always the case. Some do and others will have it on the motherboard but you hae to take the entire laptop apart to get to it. you avergage thief will knot know how. And if they do know enough to know how to do it they are probably wealthy enough not to have stolen it in the first place

I do not think you can crack a bios password with any form of software since you are asked to enter it before it loads the bios itself, in other words.. you cant even boot up off a cd or floppy.

Anyway a windows password is not enough. Oh and if you happen to have Vista ultimate or Business you can encrypt your drive contents to help prevent the data being accessed if stolen.

KdjaCL

IBM hard drive password is uncrackable, if you have an IBM hard drive turn it on but dont forget your password.

if your laptop is stolen then the HD will have to be binned.


kdjac

NullZer0

Firstly guys Id like to correct you.

IT IS IN FACT VERY EASY TO GET BY AN XP PASSWORD.

1)Linux CD
2) Retrieve the SAM files
3) Use Sam-Inside to get the password

Bios password can be reset :P

Saruman

Who are you correcting iRock? I believe almost everyone said how easy it is to get past a windows password. Hell you do not even need to crack it.. just rename or delete the sam file and it recreates it and you can log in as administrator (no password).

As a result everyone suggested bios passwords as these are much harder and in the case of laptops, sometimes impossible to bypass.
And if you read the other posts you would see its a laptop he is talking about so not all, in fact very few have a nice little jumper that you can get at in under a minute to reset.

NullZer0

Sorry but I didnt see the laptop part...well I did but should have thought about that.

True it recreates..... But if you want to know the password you have to crack it.


If I didnt want the password Id use Winternals ERD commander to change it.

mickoneill30

lola_run wrote:

I have a password to protect my laptop which runs on Windows Vista. I was wondering how easy it would be for someone to crack this password.

If my PC ever gets stolen, I want to make it as difficult as possible for anyone to hack into my information. Any tips?

If somebody has access to your hardware (no matter what the OS) they're half way home. XP & Vista come with file encryption software so you can encrypt your data so even if somebody takes the HDD out of your laptop and puts it into something else the data is unreadable to them. There's also a handy util called TrueCrypt. You can create a 10GB (or whatever) file, encrypt it, mount it as a drive and store all your data there. Pretty safe. If you use USB keys this should be an essential util for you also.

For any type of encryption system make sure you read the instructions on how to backup keys / passwords etc. If you lose that info then you're locked out too.

SouperComputer

If I didnt want the password Id use Winternals ERD commander to change it.

Aye, but if the user is using EFS then the data will be inaccessible if you reset the SID.

BIOS password is pretty easy to pass on a laptop. It doesnt take much to either locate and remove the CMOS battery or to locate the CMOS chip itself and either work out what jumpers\points to short, or give them a jolt to corrupt the contents which cause defaults to loaded. It could be enough to deter a common-thief, although they all have computer friends for just this situation!

OP there is no true way of fully securing the laptop.

HD password is also a good idea. Its not economical for a common-thief to pay for the data to be recovered from it. However if you feel you are a target for theft becuase of the data you have, then i'm sure they would have no qualms paying the couple of 100e to get access to the data.

So your options, you can mix and match, depending on your paranoia level.:

1) BIOS Password
2) HD password (not supported by all laptops\HD's)
3) Windows Password combined with EFS (Encrypting File system)
4) Third party encryption.

Oh, and of course, dont forget to backup

lola_run

Saruman wrote:

The only way i know the get past a Bios password is is the clear it with a hardware intervention. Uusually by moving a jumper. Desktpps all have easy access to this but laptops usually do not, but this is not always the case. Some do and others will have it on the motherboard but you hae to take the entire laptop apart to get to it. you avergage thief will knot know how. And if they do know enough to know how to do it they are probably wealthy enough not to have stolen it in the first place

I do not think you can crack a bios password with any form of software since you are asked to enter it before it loads the bios itself, in other words.. you cant even boot up off a cd or floppy.

Anyway a windows password is not enough. Oh and if you happen to have Vista ultimate or Business you can encrypt your drive contents to help prevent the data being accessed if stolen.

hello, i found out about the bios password before i got a chance to read your posts. My laptop is a toshiba satellite and runs on Windows vista. I was told that the bios password cannot be cracked without actually taking the computer apart but doing this would actually erase the memory and render the computer useless. How true is this information?

I don't know anything about a HDD password. But if possible I only want to have remember two passwords, as there's too much risk that i forget a third one!

BlackWizard

BIOS is pretty yuck to mess with. I tried to get a Dell Dsomething working after my mams friend forgot her password.

I couldnt do it at all. Then got a few mates to help out. Tried doing everything to the bios including replacing the whole ****ing lot. Yeah it worked, but the amount of issues we had trying to get it into the bios screen rendered the laptop useless. Although the harddrive, CD Rom, Battery , Screen etc all worked perfectly. Unless I had another Dell D laptop or some nifty PC equipment, there was no way I could access what was on her harddisk.

I think if you really have important information, that you are worried about a bios password along not doing the job, then maybe you should talk to a security specialist. Maybe even a body guard or two

How important is the information thats on your laptop?

lola_run

BlackWizard wrote:

BIOS is pretty yuck to mess with. I tried to get a Dell Dsomething working after my mams friend forgot her password.

I couldnt do it at all. Then got a few mates to help out. Tried doing everything to the bios including replacing the whole ****ing lot. Yeah it worked, but the amount of issues we had trying to get it into the bios screen rendered the laptop useless. Although the harddrive, CD Rom, Battery , Screen etc all worked perfectly. Unless I had another Dell D laptop or some nifty PC equipment, there was no way I could access what was on her harddisk.

I think if you really have important information, that you are worried about a bios password along not doing the job, then maybe you should talk to a security specialist. Maybe even a body guard or two

How important is the information thats on your laptop?

thanks for that. i think an average laptop thief would be unable to get past that. ;-)

so few people know about this bios password. There should be some warning that comes with every new laptop.

The data i have on my laptop is very important, as it's my work pc. Obviously i do back ups and so on. however, it's not really the data i'm worried about, it's more certain programs which have credit such as my voip account. I recently had a laptop stolen and had the voip account emptied. I thought these thieves just formated the whole computer but it seems not!

What hurts the most is actually losing 'the machine' itself. What do thieves do once they realise the computer is protected by a BIOS password, I wonder?

I'm also trying to figure out this encryption thing... looks complicated.

martin84

Is say the first thing they would do is try and flog it off.
Ya I had to wipe a BIOS password before on a Latitude, took about an hour, not the easiest thing to do.

lola_run

martin84 wrote:

Is say the first thing they would do is try and flog it off.
Ya I had to wipe a BIOS password before on a Latitude, took about an hour, not the easiest thing to do.

and after you cracked it could you use the computer?

just found this:

http://www.tech-faq.com/reset-bios-password.shtml

and these

http://www.wikihow.com/Break-a-BIOS-Password

http://www.computerhope.com/issues/ch000451.htm

If you forget bios password for Toshiba computer, just hold down Shift Key as computer is booting! God, any eiijit can do that!

http://searchwindowssecurity.techtarget.com/generic/0,295582,sid45_gci1206494,00.html

i've now come to the conclusion that having a bios password is absolutely useless. even the most stupid of thiefs can enter bios + hacking into google and take it from there! Never leaving my laptop out of sight again!

red_ice

KTRIC wrote:

Only way to stop access to a laptop is to put a BIOS password on it

reset the bios that thats that sorted.

There is no way to have security on your pc if someone knows what they are doing.

I heard of a trick that works by replacing the login.(something) with cmd.exe. So when your machine reboots it automaticly loads of CMD thus giving the user full unrestricted access to everything on your machine...

Man vista is terrible.

lola_run

red_ice wrote:

reset the bios that thats that sorted.

There is no way to have security on your pc if someone knows what they are doing.

I heard of a trick that works by replacing the login.(something) with cmd.exe. So when your machine reboots it automaticly loads of CMD thus giving the user full unrestricted access to everything on your machine...

Man vista is terrible.

I know you can buy PC locks, are there ones that have alarms??

red_ice

its login.scr

Yea you can, but im pritty sure all those 'locks' are backboned on the windows one.

mickoneill30

red_ice wrote:

I heard of a trick that works by replacing the login.(something) with cmd.exe. So when your machine reboots it automaticly loads of CMD thus giving the user full unrestricted access to everything on your machine...

Man vista is terrible.

So for them to do that they need to have access to your machine first of all? Or get the user to type in the admin password (if using Vista) for your dodgy app to replace the cmd.exe file. Yeah, Vista is terrible :rolleyes:

lola_run

red_ice wrote:

its login.scr

Yea you can, but im pritty sure all those 'locks' are backboned on the windows one.

what do you mean backboned?

i'm talking about a physical lock like a bike lock.

also at home i'm considering storing my laptop in a safe when i'm not at home. how much do thes safes cost?

pedro ferio-vti

Do a google on Safeboot software. It encrypts the hard drive contents and provides password protection before the boot phase. It is really only for business and not personal use though.

www.safeboot.com

pedro ferio-vti

Actually the new safeboot is client server so is suitable for medium to large businesses. If you wanted it just to encrypt your drive contents and provide the pre-boot password look for the older client only version. Believe it was v3.x

red_ice

lola_run wrote:

what do you mean backboned?

i'm talking about a physical lock like a bike lock.

lol, thats so retro Nevermind my backbone comment - thought you ment like a new GUI on the login screen by some randomass company reinventing the wheel.

mickoneill30 wrote:

So for them to do that they need to have access to your machine first of all? Or get the user to type in the admin password (if using Vista) for your dodgy app to replace the cmd.exe file. Yeah, Vista is terrible :rolleyes:

There are plenty of ways around that sort of thing. You can create another partition on the drive and install what ever you want on that harddrive and get what ever data off it you want. Why do people like you try make poeple like me out to be stupid when you clearly dont know what your talking about :rolleyes::rolleyes::rolleyes::rolleyes::rolleyes::rolleyes::rolleyes::rolleyes:

themole

lola_run wrote:

what do you mean backboned?

i'm talking about a physical lock like a bike lock.

also at home i'm considering storing my laptop in a safe when i'm not at home. how much do thes safes cost?

You can get a physical lock, something like this. Not the best in the world, but worth having if only to stop someone taking the laptop which you are away from your desk etc.

As for a safe, i saw one in woodies a while ago for around €200 which had a plug inside for plugging in your laptop. Dunno if it was anygood security wise though.

Your best bet is a combination of locked and hidden, possbily locked into a drawer in your wardrobe or something.

challengemaster

iRock wrote:

IT IS IN FACT VERY EASY TO GET BY AN XP PASSWORD.

1)Linux CD
2) Retrieve the SAM files
3) Use Sam-Inside to get the password

or why not use the good old way microsoft give to you already.. safe mode -> admin account, change the user password.