| 76 |
| Password recovery isn't too painful |
| Every now and then, a user forgets a password. If it's a local account password, you're in good |
| shape--as long as you can log on with the local administrator account, or with another local account |
| with the privileges necessary to change the user's password. There are other solutions, such as |
| deleting the SAM file, replacing Logon.scr with Cmd.exe, and using third-party tools. However, |
| there's no good substitute for assigning a hard-to-guess local administrator password, storing it in a |
| secure database, and never giving the user the account credentials. |
| But local and domain passwords aren't the only ones that users tend to forget. In fact, they're |
| probably more likely to forget passwords for Web and FTP sites, e-mail accounts, and other |
| nonsystem passwords. It can be a real headache to try to recover these passwords, but sometimes it |
| isn't just a matter of recovering a password. |
| Windows 2000 caches the password and although users might, for example, be able to access a |
| password-protected Web site (because the password is cached), they might have forgotten the |
| password and now need to use it elsewhere on the site. Windows 2000 hides the password with |
| asterisks, so you can't just look it up. |
| There are some third-party tools you can use to uncover these passwords. For example, iOpus' |
| Password Recovery XP lets you reveal these passwords. Just open the program, drag the cursor over |
| the hidden password, and the clear-text password shows up in the Password Recovery window. iOpus |
| provides a free evaluation copy so you can test it, as well as a Web page where you can test the |
| program's ability to reveal Web-based passwords. |
| http://www.iopus.com/password_recovery.htm |
First Previous Next Last |