Are XP's passwords useless?

When you can log on as administrator in Safe Mode and create a user account, how the hell can you keep someone from getting on your computer?

Do I need to use a BIOS password? Even for that you just take a battery out or pull a jumper.......

Needing some real security here that a smart ass 15 yr old can bypass.

Thanks,
Sharon

well you can set up the admin password just like any other user acct.

thanks phish, did that. I feel better but not quite.....

Now, I'm seeing that one can do something with SAM files.......

what are they and is there a way to make ones pc like Fort Knox?

you can use password names larger than 13 letters.

there are ways to boot your computer using a prtable usb drive and copy the sam files to be cracked on the culprits compter to get your password.

you can even hack xp simply by changing the screensaver to a cmd.exe prompt with full prvledges and and change anyones admin password to anytihng they want user the "net user" command.

You have an option to encrypt all your files and folders but you must back up your certificates or you will lose those files forever if someone changes your password using net user. even changing the password back will not decrypt them since it creates a new algorythm each time it changes...

I find that people using thngs like dreampackpl can pretty easily get access to your computer regardless of how long or complex your password is. So "combat" this I simply don't store any sensitive data on my laptop anymore. I put all the juicy stuff on an external drive rigged to explode if tampered with. :p

yes the dreampack is my ultimate fun tool..... shhhhhh

You are making it sound more insecure than it is. If the BIOS is passworded the case is locked and booting from removable media is disabled - you won't be getting into nothing without the password.

Word.

could you just take the MOBO battery out for awhile and reset the CMOS.

Removeable hard drive... take it when you don't want someone to use the PC. If they don't have a hard drive they don't have a computer.

http://www.addonics.com/products/combo_hdd/aechdsa35.asp

That'll definitely work.

Superglue the CMOS battery in the motherboard? That might take care of anyone trying to reset the BIOS password...

these are extreme measures however.

Many cases have locks on them or a place where you could fit a lock (nearly all DELLs for a start) - lock the case and you can't access the BIOS battery. Removable hard disk creates extra problem - what if you lose it?

What I stated before is the standard way of doing it and it works, lock the case , password the BIOS and disable boot from removable media. You can set the BIOS password to be required to even start the PC.

Many cases have locks on them or a place where you could fit a lock (nearly all DELLs for a start) - lock the case and you can't access the BIOS battery. Removable hard disk creates extra problem - what if you lose it?

What I stated before is the standard way of doing it and it works, lock the case , password the BIOS and disable boot from removable media. You can set the BIOS password to be required to even start the PC.

Have you ever lost a removable hard disk? :p :rolleyes: