At 15:43 15-2-02 -0800, Chad Cooper wrote: >NT is very secure in this respect, and can be set to extremely high levels >of security. > >It is true that a sys admin can only reset a password to something else, not >see what it is.
At least, he cannot see it with the standard tools that come with NT. With a bit of effort, however, one can find tools on the Internet that will hack the passwords for you. Probably not entirely legal, though. I use on at work (ANTEXP, short for Advanced NT Explorer) to retrieve the passwords from service accounts on our servers (those accounts are needed to use all kinds of utilities, from quota management to backups). Normally, these accounts have standard passwords (they are the same on every server, to make life a bit easier for the sysadmins). However, my predecessors in Region South had changed those passwords without documenting the new ones (and had left the organisation by the time we found out about it), so I had to use this not-entirely-legal method to find out what the current passwords are. (And unfortunately, it is not possible to simply change the passwords back). Only problem now is that it is shareware and as such can only retrieve the passwords for three accounts at a time. The registration fee is more than I am willing to pay for it, so I will be running this program for a long time to come. (Let's see, six servers, on average twelve accounts per server, only three accounts at a time, and about a month (24/7) per run. That is, um, an awful long time). Jeroen _________________________________________________________________________ Wonderful World of Brin-L Website: http://www.Brin-L.com Tom's Photo Gallery: http://tom.vanbaardwijk.com
