Windows XP Password bypass???

Discussion in 'Software' started by usmc_wife_1345, Feb 29, 2008.

  1. usmc_wife_1345

    usmc_wife_1345 Private E-2

    Okay So I password protect the windows users accounts to have better control of when my son is on the computer and WHAT he is doing in it. That way I have to be there to log in. Problem? HE was given by a friend what he calls a universal password that works. He told me about it b/c he wanted to try it on the computer. I said sure. He typed it in and it worked. It is a set of numbers. How can I disable this feature OR lock Firefox so only I or hubby can give him access to it?
     
  2. sosaman

    sosaman Sergeant Major

    lol, i don't know how that would work (password). anyway, do you have broadband (cable/dsl)? why don't you just disable the internet when you aren't on the comp?
     
  3. Colemanguy

    Colemanguy MajorGeek

    never heard of a universal password. More likely, your son had used a password cracker when on your pc to give a matching password that works. Try changing your password, then have him use the universal password, see if it still works.
     
  4. usmc_wife_1345

    usmc_wife_1345 Private E-2

    I don't know how it works either but I watched him do it! lol. I would love to just disable it but I need the computer up and running 90% of the time b/c I use my wireless for the laptop that I need.

    I did change the password and it is still working.
     
  5. usmc_wife_1345

    usmc_wife_1345 Private E-2

    Also with the password cracker, I honestly don't think he is computer savvy enough to do something like that. He is only 11 and has trouble logging into his own game sites.
     
  6. dlb

    dlb MajorGeek

    How about posting this so-called "universal password" here so we can try it and see if such a thing exists. I can't believe it does and that I've gone over 10 years using PC's and never heard of it...... something else is going on here.....
    Anyway, you can password protect certain programs, files, folder, anything you want. The protected programs will only run if the correct password is entered.
    http://www.majorgeeks.com/AppsProtector_XP_d2253.html
    http://www.majorgeeks.com/Program_Lock_Pro_d1642.html
    http://www.majorgeeks.com/Program_Protector_d3963.html
    http://www.majorgeeks.com/WinGuard_Pro_d1707.html (this one is free!)
    I haven't actually used any of the above programs, I just looked through the Security downloads here at Major Geeks....
     
  7. usmc_wife_1345

    usmc_wife_1345 Private E-2

    I have no idea what the password is. M just typed it in and I didn't think to write it down b/c I didn't think it was legit. I don't want him to know I am trying to find a way disable it so he doesn't try to find another way to by pass it.

    I will look into those other programs, thanks dlb!
     
  8. EEEEDIOT

    EEEEDIOT Specialist

    If you're just worried about what he's doing on the internet you can change your router settings. I use a Linksys router, but I am sure that most routers are able to be configured similarly.

    You just have to:
    1. find the ip of his computer
    - Click on start -> run Type "cmd" without the quote marks, and then type ipconfig at the prompt
    - There should be one number that has the title : IP Address
    2. log on to your router, click on the restrictions tab (or anything that sounds similar)
    3. There, you should find a thing that might let you edit the list of PC's that you can use to deny access to the internet at certain times. In the IP field, type your son's IP that you took down at the ipconfig.
    4. Set your policies. On my router you can also block websites depending on what words are on it. Your's might be able to do that as well but I don't know because this is the only router I've ever owned.
     
  9. Colemanguy

    Colemanguy MajorGeek

    except its the same machine she uses.
     
  10. EEEEDIOT

    EEEEDIOT Specialist

    but how does the computer being up have anything to do with needing to use wireless for laptop?
     
  11. andrewsx

    andrewsx Private E-2

    what was the universal code that ur son used to log in with
     
  12. Lev

    Lev MajorGeek

    Hi Andrewsx - Welcome to Majorgeeks.com :)

    Several things:

    1. MajorGeeks.com does not condone this kind of activity so no "universal codes" if they even existed will be provided here.

    2. Please start your own thread in the correct forum, rather than hijack someone else's in future. Thanks.

    3. I have removed your thread in the Welcome Center because of the reason I gave in #1.
     
  13. Adrynalyne

    Adrynalyne Guest

    11 year old. Isnt savvy with the computer.

    But

    He has a friend that is savvy.

    There is no such thing as a universal code. He either guessed your password, or has a keylogger that got it for him.
     
  14. studiot

    studiot MajorGeek

    This doesn't really fit with the events posted by USetcWife. There is something else going on here.

    It would be very helpful if the Lady would confirm that we are talking about the main Windows password at the Windows Logon screen?
    Not some other password after the user is already logged on.
    Also if the 11 year old is not capable of pc shenanigans, did his friend have access to the pc at any time past?
     
  15. Speculant

    Speculant The Confused One

    but, how would the 11 year old son run a keylogger/password crack without being logged in? the only way he could of achieved this is installing the keylogger/crack program while logged in (and I assume that he is on a limited account, so installing programs wouldn't be possible), or running a bootable CD/DVD before windows started that had the crack already on it (and i don't think that such a CD/DVD exists...)
     
  16. Colemanguy

    Colemanguy MajorGeek

    spec, wrong on both accounts such cds do commonly exist, and its sounds more like the mom lets son use her regular account.
     
  17. Colemanguy

    Colemanguy MajorGeek

    err double post.
     
  18. usmc_wife_1345

    usmc_wife_1345 Private E-2

    Sorry all, haven't had computer access for a while -- out of town.

    Anyway, son does use my main account. I am referring to the main Windows password at the Windows Logon screen and not some secondary password once logged on. The whole purpose of my doing this is to have it password protected to access anything at all -- I have to be near by and seeing what he is doing. Translation? If I am in the shower, or out doing yard work, he can't look up porn or "accidentally" look up porn, or can't open up his own myspace account "like all his other friends", etc.

    There are VERY few internet sites (specifically 2) he is allowed to go to where I am not worried about what he is doing there. Anything else, I would like to block -- ergo my main password b/c I just don't trust curious preteens (or teens for that matter) who don't spell very well.

    I have changed my password on the desk top 3 times so far since my original post. All while he was at school so that he can't see or even know that I am changing it. I have caught him once logged on, after the second password change, on his own -- meaning, I didn't log on for him. And no, he is not even in the room when I log on. I am pretty sure that was the only time b/c I always log off when I am done. There is no software on any computer in the home (or download) that has any kind of key logging crack. Even if there was, I am absolutely certain, he would have no clue how to use it.
     
  19. markj

    markj Private E-2

    There is actually at least one such solution - Ophcrack LiveCD.
     
  20. Novice

    Novice MajorGeek

    Try setting a bios "power on" password on the computer in question and see if he can still log on to it. Never underestimate the intellect of a child! They can fold road maps and program VCR's. :)
     
    Last edited: Mar 12, 2008
  21. markj

    markj Private E-2

    I'd like to add, that in my opinion, the only way to be sure, that no one can actually do anything with your system while you are away from it, is to use whole disk encryption solutions.

    That way you can be pretty confident that no one is working with your operating system, and that all your files are safe, and cannot be accessed from a LiveCD.

    There are commercial solutions for that, such as DriveCrypt Plus Pack, and the free ones - TrueCrypt and DiskCryptor. Please exercise caution with these programs, however, and be aware that DiskCryptor is still in beta development.
     
  22. usmc_wife_1345

    usmc_wife_1345 Private E-2

    Very true, very true.... Okay, how do I set the bios power on password?

    Thanks MarkJ however, I think at this time I will not be going that route. Maybe when he is older as needed?
     
  23. studiot

    studiot MajorGeek

    I asked my questions because I wondered if the lad was actually logging in to your account at all or has someone created another account that you don't know about? and given this the password he is using?
    Perhaps the account name is very similar to yours.

    Or has someone enabled the Guest account, with no password (i.e.any will do). This is off by default, but still defined.
     
  24. usmc_wife_1345

    usmc_wife_1345 Private E-2

    No, nothing like that. The only user account is mine -- we all use the same one.

    And there are no friends of his that have had access to the computer at any time with out me being in the room watching what they are doing.
     
  25. Adrynalyne

    Adrynalyne Guest

    I still say there is a keylogger on the system, due to the fact that bootable password "crackers" usually rely on removing the password altogether, which would be obvious that it had been done.

    He can check to see what the password is when you log in for him.

    But, Novice has the best solution. A BIOS password.
     
  26. studiot

    studiot MajorGeek

    We ought to answer the question about the BIOS password.

    There are two types of BIOS password

    A supervisor password that restricts access to the BIOS itself, but not the operating system.

    and

    A user password that restricts access to the operating system

    You set one or both in the BIOS by entering the BIOS, also called setup and going to the security section.

    Only some BIOS have this facility so you may be out of luck.

    To enter the bios, power up from cold and watch the screen.
    Repeatedly tap the key as instructed (probably del or F2)

    My screenshot shows a typical BIOS which has both passwords available.
     

    Attached Files:

  27. studiot

    studiot MajorGeek

    Having answered the BIOS question,

    I am interested to get to the bottom of this. I think that there is something happening that you are not seeing, perhaps because you don't know where to look. This is not a personal criticism.

    I have come across universal passwords that act like hotel skeleton keys, but only on large organisation installations of lots of pcs. It makes no sense for individual pcs any more than you need a skeleton key for your front door. But just as the Holiday Inn manager would freak out if he thought the Hilton skeleton key also fitted his doors, so one organisation expects a different 'universal key' from another one.

    You are wrong in thinking that your account is the only one on the machine. There are always others within Windows, they just don't show unless they are called. I named one earlier it's called the Guest account. In XP home there is another called administrator, which is why you can't use this name for your account.

    What version of windows are you using?
     
  28. dlb

    dlb MajorGeek

    Not much advice here... just watching the thread unfold. I find this quite interesting. Regardless of how savvy or un-savvy the boy is, he is able to log in on his own even after mom has changed the main account password. The question here isn't how much he knows about PCs, but how is he logging in, and how does mom stop it. Has mom flat out asked the boy how he logged in after the password had been changed? The BIOS password is definitely a good idea, and so is a key switch to control the PC power on/off, or mom could simply take the AC power supply for the modem/router with her so the boy can't go online, period. Isn't it possible to password a router so that when anyone tried to go online it will prompt for the password? Then again, all it would take would be a straightened out paper clip and the password is gone ;)
     
  29. Novice

    Novice MajorGeek

    No advice in this post as I'm following it with interest! Thanks studiot for answering the bios password howto that I suggested!

    Like all the others, I have never heard of a universal password for Windows. I suggested it to the OP as it was the easiest method that I could think of to lock down access to the machine, and resetting the bios would eliminate the password and be obivious to the mother.

    Tend to agree that there is something going on that isn't being seen! Keyloggers do not have to be programs on the computer itself, as there are small devices that fit between the keyboard and the connection to the computer that will log all keystrokes, although they are limited in storage volume.

    The child doesn't have to be tech savvy, if he has a friend that is! Is the wireless connection secured/encrypted with a key? Something else to think about is Remote Assistance which if requested/enabled by the child would give access to the computer to the tech savvy friend and also access to the Windows password file.

    My question to the OP is how are you certain that there isn't a keylogging program running on the desktop in question? :)
     
  30. studiot

    studiot MajorGeek

    Haven't heard how you are getting on so here is another thing to do. It will test for and foil a keylogger.

    Choose two new groups of letters so that neither form a recognisable word.

    eg

    hxeid
    atbod .............. make sure you remember this second one!!!!!!!!!!!

    The second will be your new password the first will be decoys.

    Then open your user acount at the change password screen.
    reduce its size to half screen.

    Now click somewhere in the desktop area and type the first letter of the first group (h)
    Then click in the new password box and type the first letter of the second group (a)
    Then click back on the desktop outside the window and type the second letter of the first group (x)
    Then click back in the new password box and click the second letter of the second group (t)

    and so on till you have used all the letters.

    The keylogger will think the new password is haxteboid.

    Shut the pc down and don't use it before he does.

    See if your lad can now get in.
     
  31. Fred_G

    Fred_G Heat packin' geek

    Studiot, I like how you think. Very nice idea.

    E
     
  32. plodr

    plodr Major Geek Super Extraordinaire

    You can also use this method to log into sites at internet cafes where you don't know what might be installed on the computer you are using...type a letter in the box, move the cursor and type some bogus letters, move into the box and type another leter, move out of the box...keep doing this until you re logged in and the keylogger thinks you have a really long password.
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds