So you lost your admin password? Password tips for Windows admins

Here are five tips for systems administrators regarding password utilities and workarounds for password problems.

Passwords get lost. Passwords can get cracked. No systems administrator should be without a good password utility. . .or without some good workarounds for password problems. Here are five password-related tips from SearchWinComputing.com's systems management and desktop management experts.

PSPasswd: Password-generating freeware

Systems administrators who manage local administrative accounts on multiple computers regularly need to change the account password. PsPasswd is a tool from the Sysinternals division of Microsoft that lets you change an account password on the local system or remote systems. This lets you can create batch files that run PsPasswd against the computers you manage in order to perform a mass change of the administrator password.

In his original review of PsPasswd, site desktop management expert Serdar Yegulalp wrote Strong password policies are a cornerstone of good administrative practice. If an administrator is responsible for several dozen machines, all of which need to have a password rotated regularly, the process of manually providing new passwords for each machine can be tiresome."

PSPasswd is now at Version 1.22.

Password editor/resetter utility

If you work with Windows Vista, Windows 2000, XP or NT, you can reset the administrator's password with a password editor/resetter utility called the Offline NT Password & Registry Editor bootable CD.

Created by Petter Nordahl-Hagen, the tool, another favorite of Serdar's, works by booting from a CD or floppy rather than logging in. This process also has the advantage of allowing you to unlock disabled or locked-out user accounts.

Bookmarklet generates unique passwords

Using the same password at every Web site that one of your users or you personally visit is convenient. . .but risky. If one of those sites is hacked, all your accounts across the Internet could be compromised.

That's why Serdar wrote about the tool SuperGenPass. The customizable bookmarklet generates unique, complex passwords using one "master" password.

Here's how SuperGenPass works. When you're ready to log into a Web site, type your master password in the password field, select SuperGenPass from your bookmarks or favorites and follow the instructions. It adds two clicks to your login process.

Admin password ending in "S" or "L" triggers accidental server shutdown

Has this ever happened? You go to your Windows server and the monitor is dark because the power save feature kicked in (the server wasn't used for a while). You figure the server is locked as well (your corporate or group policy dictates such), so you quickly hit Ctrl+Alt+Delete, followed by the password of the account you think is logged onto the console session. Then you hit Enter.

Although the screen is dark, the console session may actually not be locked. You hit the Ctrl+Alt+Del keys while the console session is open. So you don't actually see the Windows Security dialog box appear, along with its five option buttons.

In this scenario, if you have a password that ends with the letter "S" or "L," you're actually sending the command to (S)hut down or (L)og off when you hit Enter. Once the monitor comes online, you'll see your logged-on session will either be logging off or shutting down the server on you.

As the author of this tip, Tim Fenner, the site's systems management expert, admits that he's done this a few times, and hopes that the advice will keep other systems administrators from accidentally performing this embarrassing (and potentially career-threatening) mistake by not using passwords that end with a letter S or L.

All you wanted to know about resetting passwords

Tim also recommends a useful site for information on password resetting.

As Tim notes, "When you have an administrator account, but can't remember the password, a hacking tool might come in handy."

This was first published in August 2007

Dig deeper on Microsoft Group Policy Management

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close