Passwords get lost. Passwords can get cracked. No systems administrator should be without a good password utility. . .or without some good workarounds for password problems. Here are five password-related tips from SearchWinComputing.com's systems management and desktop management experts.
PSPasswd: Password-generating freeware
Systems administrators who manage local administrative accounts on multiple computers regularly need to change the account password. PsPasswd is a tool from the Sysinternals division of Microsoft that lets you change an account password on the local system or remote systems. This lets you can create batch files that run PsPasswd against the computers you manage in order to perform a mass change of the administrator password.
In his original review of PsPasswd, site desktop management expert Serdar Yegulalp wrote Strong password policies are a cornerstone of good administrative practice. If an administrator is responsible for several dozen machines, all of which need to have a password rotated regularly, the process of manually providing new passwords for each machine can be tiresome."
PSPasswd is now at Version 1.22.
Password editor/resetter utility
If you work with Windows Vista, Windows 2000, XP or NT, you can reset the administrator's password with a password editor/resetter utility called the Offline NT Password & Registry Editor bootable CD.
Created by Petter Nordahl-Hagen, the tool, another favorite of Serdar's, works by booting from a CD or floppy rather than logging in. This process also has the advantage of allowing you to unlock disabled or locked-out user accounts.
Bookmarklet generates unique passwords
Using the same password at every Web site that one of your users or you personally visit is convenient. . .but risky. If one of those sites is hacked, all your accounts across the Internet could be compromised.
Here's how SuperGenPass works. When you're ready to log into a Web site, type your master password in the password field, select SuperGenPass from your bookmarks or favorites and follow the instructions. It adds two clicks to your login process.
Admin password ending in "S" or "L" triggers accidental server shutdown
Has this ever happened? You go to your Windows server and the monitor is dark because the power save feature kicked in (the server wasn't used for a while). You figure the server is locked as well (your corporate or group policy dictates such), so you quickly hit Ctrl+Alt+Delete, followed by the password of the account you think is logged onto the console session. Then you hit Enter.
Although the screen is dark, the console session may actually not be locked. You hit the Ctrl+Alt+Del keys while the console session is open. So you don't actually see the Windows Security dialog box appear, along with its five option buttons.
In this scenario, if you have a password that ends with the letter "S" or "L," you're actually sending the command to (S)hut down or (L)og off when you hit Enter. Once the monitor comes online, you'll see your logged-on session will either be logging off or shutting down the server on you.
As the author of this tip, Tim Fenner, the site's systems management expert, admits that he's done this a few times, and hopes that the advice will keep other systems administrators from accidentally performing this embarrassing (and potentially career-threatening) mistake by not using passwords that end with a letter S or L.
All you wanted to know about resetting passwords
Tim also recommends a useful site for information on password resetting.
As Tim notes, "When you have an administrator account, but can't remember the password, a hacking tool might come in handy."