23 Jul
2013
by: John Dow
I spend a lot of time cracking passwords! No, not for stealing software or information, for doing computer repair! One of the most common home or small business computer service repair calls I get is that Bob, fill in the blank here lost his password / forgot his password / left the company and never told anyone his password, and we cant use the computer or software.
If you have physical access, most times you can reset a password on any version of Windows XP. Some vertical applications get a little trickier but I still can usually figure out a way to get in to clear the existing password and then let the customer reset it.
And no, Im not going to teach you how in this article, sorry. But what I can do is help you figure out a way to never forget a password without writing down. An especially bad practice that I see all the time is someone will write down the password on a post-it note and put it on the monitor. Which is a particularly ugly breach in security.
But I can understand the problem. Chances are you have many passwords to remember if you use a computer at home or at work. And since many of the systems automatically force the user to change their password every 90 days, this becomes quite a challenge to remember them all.
There are some good ways to create a password so that you cant forget it. And you can easily meet the minimum requirements of at least 8 characters with at least three being punctuation or numerals too. But the best is 15 characters (I wont go technical on you but lets just say that the stored password of over 14 characters are much more difficult to crack). I cant even remember who taught me this method but Ive been using it for years.
The first thing to remember is not to use childrens names, birthdays, or any information that someone might guess. This includes common names found in the dictionary or some other know source. The reason for this is there are many cracker programs out there that use these common sources to check against password to break them. So stay away from common words or expressions.
Even the programs that generate random characters can be beat by another program designed to emulate that type of software. The idea behind them is good and they can provide a stronger password but for most user that creates a bigger problem since who can remember W#8hY*2l-Km$!1d, let alone type it.
So whats the secret? The easiest way Ive found to remember a password is to associate it with a person or event that youll never forget. Something that even a good friend might not know but also something that you couldnt forget even if you wanted to if you tried.
If the password is for windows or a windows program you have up to 127 characters most times. So use a phrase instead of just one word. So if you have a phrase (or song lyric) burned into your brain you could use it too. When I need a quick password when working at a clients I normally look at the machine or something on the wall and use it for the password. One of my favorites is I hate Compaqs model 2780! or use any computer name).
When I was five we moved to the corner of 85th street and pacific. Most people I know now dont know that and I doubt it would come up in any conversation. So if I used 085TH@pacificst5 that contains something I can easily remember and also meets the high end password requirements.
Or how about the first love of my life (which dumped me in about 2 weeks)? I wont use her real name to protect the guilty but heres that one, http://2wKJeN06.OrG an, I added organ since she was organic (I think). See how this works? Ill bet we all have lots of things, events, people, and the date or age we experienced them to use.
One weakness any password can have is if someone slips in a keylogger program on your computer. Keyloggers record all the keystrokes that a user makes and regardless how tough you make your password, if they can see the key strokes, theyve got you. And its much easier than you think to do a stealth install.
There is one way to get around this issue, use extended characters. If you hold down the alt key, then press one or more numerals you get one of those weird characters with double dots on top or a symbol. But the keylogger still shows the character, but a way around it is to use Alt 0160. This extended character is a space and hides the fact that you used the Alt method to create it. So they wont be able to duplicate it even if they see it.
There is no perfect solution for passwords. But you can and should take some steps to insure that you take the appropriate precautions whenever you create one. Keep it over 15 characters, use numerals, punctuation, and alphabetical characters. Combine elements that are easy to remember but not common information like birth dates or childrens names. Use associations that make it easy to remember.
And never communicate your password in any documentation or emails. Dont display them on your computer or loan them to friends or associates. Random generators can be helpful but arent bullet proof. Change your passwords on a regular basis just in case. Always have a master or Administrator password that can be used to go in and change users passwords when necessary.
Id much rather fix hardware or software problems than crack passwords on a computer repair service call. It makes my job a little easier and can save you a lot of money.
John Dow owns http://www.PowerSolutionsCD.com, a website that specializes in computer troubleshooting, security, and repair utilities. Click here to learn more: Best Computer Repair CD.
@@AMAZON_GEN_WIDGET@@.
Comments Off on Computer Repair And Cracking Passwords! by John DowComputers
Sorry, comments are closed.