passwords

[Anna]

Where on the computer (path) are the User Logon Passwords
stored, and are they encrypted? How can I find out what
the password is for a given User (who is also designated
as an administrator), if I myself have an Administrator
account that I can log on as?

 

[Miha Pihler]

Passwords on PC that is not a DC are stored in SAM database located at
%systemroot%\system32\config.

Yes passwords are encrypted (or represented as MD5 Hash value and DES
encryption) so it is not possible to see them in clear text even if you are
administrator of the PC.



There are some tools out there that can break down week passwords in SAM
database.



Mike

 

[Bobby Armstrong]

If you have Administrator account I can help you give anyuser a new password
but I dont know how to check what there password is.
You can just go to the users and passwords and click on the username the
click set set password and it dos'nt ask for the old if you have Win2k

Tell me if I can help more

Bobby Armstrong
(e-mail address removed)

 

[Don Grover]

Passwords are not stored on a w2k server only a derived hash value that is
matched against the entered password input.
There is no program out there that will reverse a hash value, there is some
brute force applications that will try to issue multiple common or
distigushed names and try and pickup on not getting knocked back.

The most common sense way is you must have a senior administrator and if
that person issues you with a documented password list then you have no
problem, if he does not then you should not be using them anyway.

Regards
Don Grover