Tip & How-To about Computers & Internet

SAM file Vulnerability in Microsoft Windows OS !


I’m introducing this tip to explain to you the dangerous vulnerability in windows (2000 ,XP, Vista and WIN7 ) Local users accounts .
The important question here is: am I safe when using windows user account with a strong password ?
Does this password prevents other people see or access my own and very private files?
The answer is definitely NO !!!
Because of SAM file Vulnerability that microsoft insists to use in every OS version starting with windows 2000 till now.
The local accounts you create in windows are stored in SAM file that exists in the following path “C:Windows\System32\config” .

The good news is that the file is encrypted but the bad news is that there is a lot of third party tools that can clear any password stored in that file Offline (via booting from a boot disk or CD or USB drive that contains the crack tool ) , and if anyone managed to apply such software on your pc that means that he is able to login with a blank password . but wait a second the victim can easily discover that someone missed up the his or her password (this is good but too late ) because the attacker has got what he wanted.

Some clever Hackers uses another technique which is : copying your original SAM file to some safe place , then apply one of the third party tools, then reboot and enjoys accessing your files eventually he restore your original SAM file (which contains your Non-blank password) by overwriting the cracked SAM . this way you won’t even feel any change to your VERY SECURE PASSWORD !!!!.


Putting all in a nutshell , nothing is 100% secure , i suggest to take these these best practices in to your concedratin :

- Use Bios Password instead of windows password specially with laptops(in laptops Bios password can not be cracked or cleared by Jumper )
- Never leave your confidential data on the same hard disk drive of your pc , it is better to save them to external hard drives or USB sticks or DVD.
-Convert Fat32 drives to NTFS and Use Encrypting File System (EFS) feature to store files in an encrypted format on your hard disk.
-Some laptops has a hardware encryption chip that can encrypt data on hard disk drive.
-windows vista and 7 (Ultimate and Business Edition) has a new hard disk encryption feature called BitLocker that prevents a thief who boots another operating system or runs a software hacking tool from breaking Windows files .

The end

Posted by on

Computers & Internet Logo

Related Topics:

Related Questions:

4 Answers

I FORGOT MY USER PASSWORD IN MY ACER TRAVELMATE 252XC_DT LAPTOP.SO HOW TO REMAOVE THE PASSWORD??????????


Hi,
just boot the system u will get the user selection screen.on the keyboard press CTRL+ALT+DELETE at the same time,there one screen will appear,on the username u can type as administrator then login.on ur desktop select mycomputer,then rightclick,u can see manage option clik there,another window will open on left side local users&group-click there on right side doubleclick on user,then select ur user(forgot password)right click set password -proceed-ok.the password will reset.
OR
on desktop my computer icon not available,then go to START-CONTROLPANEL-ADMINISTRATIVETOOLS-DOUBLECLICK ON COMPUTER MANAGEMENT-there u will get local user&group-then the same procedure above mentioned.

May 21, 2011 | Computers & Internet

2 Answers

i have locked my computer and can't remember the administrators password.


when the password type windows comes press alt,ctrl and delete button .it will take to another window type your username as administrator and password as administrator. useful or nor?

May 02, 2011 | Acer Computers & Internet

3 Answers

my administrator profile password is lost.


I would like to introduce Windows Password Recovery Tool . it not only supports XP, 2000, and NT, I have personally tested it with Vista and windows 7. It works perfectly to reset any local user account to a blank password. I Wrote it to an 512MB USB flash drive do this. Booting up and clearing a password takes a minute or two works like a charm.

Jun 16, 2010 | Computers & Internet

2 Answers

forgot password


Start in safe mode log on to administrator account. Under user accounts change the password on your original account.

Aug 13, 2008 | Computers & Internet

Not finding what you are looking for?

281 people viewed this tip

Ask a Question

Usually answered in minutes!

Top Computers & Internet Experts

Doctor PC
Doctor PC

Level 3 Expert

7733 Answers

kakima

Level 3 Expert

102366 Answers

David Payne
David Payne

Level 3 Expert

14161 Answers

Are you a Computer and Internet Expert? Answer questions, earn points and help others

Answer questions

Loading...