Password for Admin account

Discussion in 'other security issues & news' started by moontan, Mar 13, 2011.

Thread Status:
Not open for further replies.
  1. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    i started using a standard account to increase security.

    i used to use an Admin account without a password, being the sole user of this machine.

    my question is:
    is there any benefit security-wise of using an admin password when i run an app inside a standard account that needs a password?
    or can i just run without a password?
     
    Last edited: Mar 13, 2011
  2. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    In early XP days, I can remember vaguely a vulnability (dont know whether it was theoretical or exploitable) based on poor firewall, guest account and network shares, where a change of user to admin implicated that the intruder owned the machine. At least I can remember an advice to allways add a password for the admin, based on this story.
     
  3. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,191
    Location:
    USA,IA
    well really password are weak in windows. Windows puts the password to all CAPS when being verified. unless that changed.
     
  4. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    tnx for taking the time to answer folks! :thumb:

    i have removed the admin password for the time being and unless someone can bring conclusive evidences as to why it should be on it will stay off.
     
  5. safeguy

    safeguy Registered Member

    Joined:
    Jun 14, 2010
    Posts:
    1,709
    I like to think of it as a simple way to avoid rogue people (with not much PC knowledge) tampering with your Windows settings.
     
  6. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    Sry double post
     
  7. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    I've once been bypassed by an admin on my workplace ( I chalenge him to do it)
    Even though I use password on log in
    he is able to make a new admin account to access my laptop.

    Can someone teach me how he did that?
    Or at least tell how to stop that? (Without setting up bios password)

    Since he still kept it as a secret from me ;p
     
  8. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    There are lots of software to do that.

    full disk encryption


    EDIT:

    bios password on most computers can be bypassed, there are lots of software to do that too.
     
    Last edited: Mar 14, 2011
  9. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    I see in your sig that you use UAC. What do you do in the standard account when presented with the UAC alert? Just click OK. I've always had a password and have mine set to provide credentials which includes entering the password so I have no knowledge of how it works without a password.
     
  10. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    You'd still get the same exact alert from UAC, the only exception being you'd have no password to enter; no username would be required either.

    I believe the major concern would be whether or not you're part of a network, and if other machines may get compromised at some point; other concern would be other people at home/at work (if they could get their hands at your laptop/desktop).

    Am I missing some other scenario?

    Oh yeah, computer shops! Some folks enjoying seeing the photos, etc., specially if the client is a sexy lady. :D I don't think they would bother booting with some Linux live CD, would they? lol
     
  11. Greg S

    Greg S Registered Member

    Joined:
    Mar 1, 2009
    Posts:
    1,039
    Location:
    A l a b a m a
    Network as in four Win 7 laptops in the house being able to see and use files from each other or use one printer for all? Presently on mine, I've disabled all the things that allow them or me to communicate with each other. They can do it with each other but I can't.
    Uh, probably, lol
     
  12. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    it works the same, i just click OK.

    i'm not on a network and i'm the only one using this computer.

    of course, if that is not the case you'd want to use a password...
     
  13. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    Wow, my laptop is weak :thumbd:
     
  14. bollity

    bollity Registered Member

    Joined:
    May 9, 2009
    Posts:
    179
    there is a security whole in windows called " hidden sharing". most users don't know anything about this whole.
    hidden sharing will allow other network pc to see your files on the harddisk even if you don't make any sharing. so a password for any account including the administrator account is necessary.

    go to control panel -- administrative tools--computer management ---shared folders --- shares and you will see what i mean.C$ D$ E$ ... etc, all are hidden sharing.

    you can get rid of hidden sharing by editing registry. google " disable hidden sharing"

    this is for 32 bit xp and win 7 :
    add this value to this registry key
    [HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters]

    Value Name:AutoShareWks
    Data Type: REG_DWORD (DWORD Value)
    Value Data: (0 = disable shares, 1 = enable)

    then restart and now there is no hidden shares.

    http://www.petri.co.il/disable_administrative_shares.htm
     
  15. blasev

    blasev Registered Member

    Joined:
    Oct 25, 2010
    Posts:
    763
    Thx for the info :)
     
Loading...
Thread Status:
Not open for further replies.