Results 1 to 1 of 1

Thread: Secret User Accounts

  1. #1
    Succeded in braking Windo TZ Veteran Dehcbad25's Avatar
    Join Date
    Apr 2002
    DE - USA

    Secret User Accounts

    Quote Originally Posted by PCStats
    WindowXP is more friendly than other Operating Systems, but I dislike how it hides certain user accounts from the control panel. Imagine if your PC was hacked simply because of a hidden account you didn't know about, was open to the public.
    Of course there are ways to change all the passwords... even the hidden ones. ;-) Load up your command prompt (Start -> Run type "cmd" and then press the ok button) and type in "net user". That will display all user accounts on the PC, even the hidden ones. Expect to see a lot more than you know about! To change the password for any account, type "net user (whatever account name here) *" and press enter. You'll be prompted to input a new password, and then confirm that new password once more... and viola, the password has been changed. You can change the password to any account in the PC, as long as you yourself have administrative access.

    This tool will not allow you to remove those hidden accounts, but at least you can change the password so it'll be tougher for people to attack your box
    Ok, so this probably most advance users of TZ know about...but I just wanted to take the oportunity to introduce a little more, mainly for security and more deep knowledge.
    The other way to get the user's accounts (and with more control) is right click the "My Computer" Icon and select manage )or go to Administrative Tools>Computer Management or Run>compmgmt.msc )
    from there go to local Users and Groups, users being for users, groups for groups
    Now that you can actually see the accounts you can also lern a little about their use (description) Note for Newbies, you could lock out yourself from the computer or compromise the computer security if you don't know what you are doing.
    Now, why are going to tighten a bit more security and go deeper. We are going to set the policies. Administrative Tools>Local Security Settings or Run>secpol.msc
    From Account Policies>Password Policies you can set the password rules.
    Recomendations: Password history:5; MAx Pa$$ age:42 should be OK, Min pa$$ lenght:8 Characters; Complexity:Enabled
    Then in Account Lockout Policy set the threshold to 3, and it will prompt you to change the other 2 values (click OK)
    In the Even it is nice to enable some if you have more than one user.
    Now, this is the one I really like, in Security Options look for the Accounts: Rename administrator account (and guest too). Change the name there, and it change not only the administrator account by the name for the aplications that are using it too. Account use an ID, so it is asociated with the ID
    Here are more options, like Interactive Logon: Donot diaply last user name. Note that is a negative sentence (very comon in Windows AD format and registry. If you enable it will disale last user name, if you disable it will enable. Not specified it doesn't do anything (Displays last user name). You can also change the text to Display and other stuff.
    I recomend to do a restore point before doing all this. And registry backup just in case
    Have fun, but not too much. Remeber that you have to logoff or restart for some (most) changes to take effect
    Last edited by Dehcbad25; July 9th, 2004 at 03:50 AM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts