question about “locking down” a desktop system

Topic

New Reply

I run W7 Home Premium SP1. As a non-tech layperson, I try to practice safe practices with my desktop system. To boot up my system, a password is required. I take regular images etc. etc.

It occured to me – which is why I’m asking this question here – that there might be some way or ways to bypass the password I think is required to boot up my system.

If there is, what is the way; and, more importantly, is there some defense against that intrusion vector?

If I am being unduly paranoic, I’d appreciate learing that too.

Thank you,
Dick

Reply | Quote

Replies

Are you talking about a password set in the BIOS setup?

If so, I would think that the only way to bypass it would be to get into the BIOS setup and clear the password. If the machine offers a Setup Access password, you should create one there as well.

The password could still be bypassed by opening up the machine and removing the CMOS battery and waiting for all the settings to revert to factory defaults or using a “Clear CMOS” jumper on the mother board.

If it is a password for Windows, there are any number of ways to get around it.

Reply | Quote

nate01pa:
Concerning your last sentence, what are the ways to get around the Windows password; and how do people defend against these?
Thank you,
Dick

Reply | Quote

Pre Windows load whole disk encryption if you’re really concerned about critical information if it’s stolen or something like that and they have unlimited hands on.

Reply | Quote

Dick – Unfortunately it’s easy to get round the Windows password, usually by just removing it (very easy) rather than ‘cracking’ it (time-consuming but do-able). Have a look at Offline Windows Password & Registry Editor as just one example or do a search on YouTube for “bypass windows password”.

A BIOS ‘power-on’ password is safer… but these can often be circumvented too.

As F.U.N downtown says, have a look at whole disk encryption, e.g. the free Compusec which I’ve used for years to protect laptops in a sensitive environment.

Hope this helps…

Reply | Quote

If you can take the disk out you can put it in another machine, or boot off a CD / USB, and access all data on the disk password or no.
The only way to prevent someone accessing your data is to encrypt either the data or the whole disk.

cheers, Paul

Reply | Quote

Leo Nottenboom recently covered this in his Ask Leo newsletter and offered details on a Password Reset Utility
which you may find helpful.

Reply | Quote