I'm going to do another tech post as I am totally frustrated with political economic policy development and wonder whether it is even worth my time to follow legislation and developments.
In any case, I was enjoying a beer at the local American Legion post the other day when the bartender asked if I could help with a problem with their PC. She couldn't remember the Windows password she had set so she could not use the office PC. I told her that I thought that it wasn't possible to bypass a Windows password and she would probably need to reformat the hard drive and reload Windows and all of her applications (she didn't know if she had the software) but that I would check it out. I was dead wrong. After about 30 minutes with Google, I found that not only is it possible but hacking a Windows password is incredibly easy.
There are several software applications that will hack the Windows password and tell you what the password is but the best that I found is Ophcrack. You need some advanced but basic PC skills in that you will need to be able to set the BIOS boot sequence to try to boot from the CD drive before the hard drive and will need to be able to make an ISO boot CD (takes about 2 minutes with some freeware) but beyond that you just boot from the CD and wait for Ophcrack to tell you what the Windows password(s) is.
I went to the Legion to crack the Windows password only to find that one of the people who had tried to help had set a BIOS password so back to the drawing board. I quickly found out that clearing the BIOS password is even quicker in most cases than hacking the Windows password. All you have to do is get access to the motherboard inside of the PC and move a jumper which on a Dell takes about 60 seconds. A notebook PC would be much harder only because it is more time consuming to take a notebook PC apart which is required in order to access the jumper on the motherboard. I should note that some notebook manufacturers such as Toshiba have reportedly implemented additional security to prevent clearing or hacking the BIOS password.
OK, so what are the comparative benefits of setting a BIOS versus a Windows password?
A BIOS password generally protects the PC in that the PC is not not usable if you can't get by the BIOS password. However, the data is not protected in that you can take the hard drive out of the PC and plug the hard drive into a working PC and access all of the data on the drive. Removing a hard drive from a notebook PC made in the last 6 years or so takes about 1 minute.
A Windows password generally protects your data but not your PC. If someone stole your PC which had a Windows password set, they could reformat the hard drive and reload Windows and have a functioning PC. However, even if they removed your hard drive and plugged the drive into another PC they would not be able to access your files on the drive.
As noted above, neither a BIOS password nor a Windows password will protect your PC or your data from a moderately competent advanced user but it will protect your data in the vast majority of cases.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment