Security Basics mailing list archives
re: Win 2000 User Manager Pro
From: "Chris Berry" <compjma () hotmail com>
Date: Fri, 13 Dec 2002 20:59:19 -0800
From: H C <keydet89 () yahoo com> > They claim that its easy to break into admin > password > and that if all your Win2000 machines have the same > admin pw the hacker gets access locally to all > machines...
I use semi-unique passwords on all my boxes for the local admin password. Basically just create a decent password then append something to it (preferably something that is easy for you to find out, but not for anyone else, the serial number for example.) So if your standard password were XL82~jn and the serial number of the box was 76543C, the the local admin password for that box would be XL82~jn_76543C, and if you had another box with serial number 87344T its local admin password would be XL82~jn_87344T. This makes it much more difficult to crack multiple passwords at once. Even if they manage to crack one, they'd have to figure out your scheme, and somehow get a list of serial numbers (which you might want to keep encrypted if you have one on your computer) to do them any good. At the same time, you only have to memorize a very small password to get decent local admin security, and if you use PasswordSafe from www.counterpane.com you can even forget that until you need it.
Chris Berry compjma () hotmail com Systems Administrator JM Associates "Live dangerously, overclock your servers." _________________________________________________________________Help STOP SPAM with the new MSN 8 and get 2 months FREE* http://join.msn.com/?page=features/junkmail
Current thread:
- Win 2000 User Manager Pro Marty (Dec 12)
- Re: Win 2000 User Manager Pro Gene (Dec 13)
- <Possible follow-ups>
- RE: Win 2000 User Manager Pro LEHMANN, TODD (Dec 13)
- re: Win 2000 User Manager Pro H C (Dec 13)
- re: Win 2000 User Manager Pro Chris Berry (Dec 16)