A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows XP » General XP issues or comments
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

Administration name & password



 
 
Thread Tools Display Modes
  #1  
Old February 26th 18, 02:58 PM posted to microsoft.public.windowsxp.general
KenK
external usenet poster
 
Posts: 444
Default Administration name & password

When I set up my XP Home emachine computer I didn't add any users, just me.
No sign-on username or password needed to start up the system. Now I wish
to set up my CenturyLink DSL modem wifi outbut with a name and password.
This requires my administration name and password. How do I locate what the
computer is using for them?

TIA


--
I love a good meal! That's why I don't cook.






Ads
  #2  
Old February 26th 18, 04:41 PM posted to microsoft.public.windowsxp.general
J. P. Gilliver (John)[_4_]
external usenet poster
 
Posts: 2,679
Default Administration name & password

In message , KenK
writes:
When I set up my XP Home emachine computer I didn't add any users, just me.
No sign-on username or password needed to start up the system. Now I wish
to set up my CenturyLink DSL modem wifi outbut with a name and password.
This requires my administration name and password. How do I locate what the
computer is using for them?

TIA


I assume you're talking about the username and password the "router"
asks you for when you try to change settings in it (such as the wifi
name and/or key). If the "router" is one supplied by your ISP, it is
(they are) probably printed on a label on the back/bottom of the
"router". (_Not_ the same as the wifi network name and password; they'll
probably be further down on the same label that tells you those.) If
it's one you've bought, then it should tell you in the instructions that
came with it, but if you can't find those, it's almost certainly "admin"
for the name, and either "admin" (yes, same for both) or "password" for
the password. If my assumption is right and that _is_ what you're after,
then your computer is normally not using them at all; they're only
needed if you want to _change_ things.
--
J. P. Gilliver. UMRA: 1960/1985 MB++G()AL-IS-Ch++(p)Ar@T+H+Sh0!:`)DNAf

The first banjo solo I played was actually just a series of mistakes. In fact
it was all the mistakes I knew at the time. - Tim Dowling, RT2015/6/20-26
  #3  
Old February 26th 18, 04:51 PM posted to microsoft.public.windowsxp.general
Shadow
external usenet poster
 
Posts: 1,638
Default Administration name & password

On 26 Feb 2018 13:58:11 GMT, KenK wrote:

When I set up my XP Home emachine computer I didn't add any users, just me.
No sign-on username or password needed to start up the system. Now I wish
to set up my CenturyLink DSL modem wifi outbut with a name and password.
This requires my administration name and password. How do I locate what the
computer is using for them?

TIA


I think it wants the admin and password for the modem, not the
computer.

Look up your modem model and "default password" on Google.
And change it to something hard to guess.
[]'s
--
Don't be evil - Google 2004
We have a new policy - Google 2012
  #4  
Old February 26th 18, 08:00 PM posted to microsoft.public.windowsxp.general
Paul[_32_]
external usenet poster
 
Posts: 11,873
Default Administration name & password

KenK wrote:
When I set up my XP Home emachine computer I didn't add any users, just me.
No sign-on username or password needed to start up the system. Now I wish
to set up my CenturyLink DSL modem wifi outbut with a name and password.
This requires my administration name and password. How do I locate what the
computer is using for them?

TIA


The other posters have already answered that this is an issue
between you and your router, not you and your OS. The router
has an authentication scheme for Wifi, and the info needed
is likely sitting in the router. Including the ability in
some cases, to add MAC filtering to reduce the possibility of
foreign equipment from joining your LAN. An external device
can still spoof a valid MAC, so this isn't really much protection.

*******

This is just for future reference.

The Windows OS accounts can be dumped using wmic. WMIC might
well require an administrator group account for this to work.

wmic useraccount get name,sid

Name SID
Administrator S-1-5-21-3768549767-1934788099-1503758287-500
Mere User S-1-5-21-3768549767-1934788099-1503758287-1000
Guest S-1-5-21-3768549767-1934788099-1503758287-501

If you just use this much, there will be more output,
but it will be hard to read. The second example shows how
to fix that.

wmic useraccount

wmic useraccount accounts.txt
notepad accounts.txt

User accounts come in different flavors. They can be enabled
or disabled (they use the "disabled" feature when you "leave
the company"). An account can be "full", with a home directory.
Or not. Accounts like TrustedInstaller on Vista plus are a
"token". You cannot even log in as that account, it doesn't
have a home directory, yet it "owns" your Program Files and
some set of System folders. For the TrustedInstaller account,
it requires "impersonation" from a higher account, to be
able to "wave the magic wand" of TrustedInstaller.

Generally, it's considered poor practice to have a utility
that displays all the passwords right on the screen. The method
normally would be, to support allowing an elevated user, to *change*
the password on a lower account. The administrator should not
be able to *read* the password. That concept was invented, so
that hacking would leave fingerprints. Your crooked admin would
get caught.

Once the admin changes the password to a known quantity, the
user returns to their desk and changes the password again
(in private) to the desired secret value. A value that the
admin now doesn't know (since the user just changed it).

OS hacks which cause the OS to come up, running as administrator,
and without entering the administrator password, those give the
operator an opportunity to overwrite the administrator password
with a new one. That works, as long as the password program
doesn't ask for the "old password", as part of the sequence.

In some cases, setting the admin password to a null string, with
hacker methods, then entering the system and using the password
dialog - now, in that case you know the old password is CR.
In other words, just hit Return.

Password systems today use encryption, have a salt or a shadow
file, require a complex method to prepare properly. And you can't
just use a text editor on something and put "12345678" and it's done.
Nullifying the complex format is a shortcut (i.e. changing it so
that only CR is needed), since the system doesn't have the info
it needs now, and it's going to be a bit more compliant to your
hacking quest when it comes back up.

Windows is designed (generally), to not remove the last
administrator account. The OS is less secure on purpose, so
that home users won't be pestering people with stupid questions.
As far as I'm concerned, the holes left, that you can drive
a truck through, they're there so that somebody can reset
your password without a call to Microsoft. Windows 10 for
example, has at least two hacks you can do locally, to elevate
a non-domain situation such that the user can regain control
of the machine (running with a local account, not an MSA).
And not be locked out of things. If you're a klutz, use
a local account.

The same cannot be said for OS encryption systems. Whether
it's NTFS EFS or it's Bitlocker, if you're locked out of your
files, you're screwed. It pays dividends to read the "best
practices" document for those. Accounts on Windows are
quite pliant, because there really isn't that much of
value there. However, encrypted data, if you don't have
the presence of mind to keep the "token" for your data,
it will be write-once read-never storage. If they were easy
to hack, nobody would use those encryption methods.

Your email account can have a separate password. A lot of people
let their client "cache" the password, but since the OS level password
is so easy to "deal with", you'd better de-select the "remember
my password" feature for your email, if you don't want somebody
accessing that email on you. If you're "keeping a honey on the side",
you'd want to enter the email password each time you fetch mail.
Delete the email afterwards. Compact the email database.
Use SDelete (or Heidi Eraser maybe) on the disk (takes hours).
And so on. That doesn't cover keyloggers though. On second thought,
never mind... :-)

Paul
 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off






All times are GMT +1. The time now is 02:36 PM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.