Your OS passwords are not safe

You choose your passwords as the most sophisticated and the strongest as you understand the importance to protect your computer. But did you know that this is nearly useless? A few commands and here is your safe password replaced or removed by a mere user, by your youngest nephew.

    logo_complet

  • On Windows, it’s enough to use the bootable CD-ROM of Ophcrack which is available as Open Source. Reboot and watch the software program find the Windows Administrator password…
  • Ophcrack also works on Mac (and Linux) but with OSX10.4, it’s enough to use the Apple installation CD and to choose “Utilities” to run “Reset the password”. On OSX10.5, you’ll have to reboot, press Command+S, then type the following at the prompt:
  • fsck -fy
    mount -uw /
    launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist
    dscl . -passwd /Users/UserName newpassword
  • If on Linux, if boot is controled by GRUB, it’s enough to press ESC during the boot sequence to choose ‘Recovery Mode’ which will will start you as root without even knowing the password. Just change it now…
  • But even better (or worse), on Linux again, here is a list of 10 ways of resetting a lost linux root password

Plus ou moins inspiré de JoeTech.