Jump to content

Windows password

nournachabe
By nournachabe
in Operating Systems
 Share
Go to solution Solved by GoodBytes,

The problem, is that your HDD/SSD can be removed, plugged onto another system and data can be pulled.

If you have Pro edition (or up) of Windows, you can encrypt selected file of your choosing (right-click on file > Properties > Advanced > Encrypt), with a generated certificate, which Windows will ask you to backup outside of your system the moment you use the encryption feature for the first time.

This will make, without the certification, 'impossible' for someone to access those encrypted files without your original account password to decrypt the generated certification in the OS, and without your backed-up certificate.

For better encryption method, you can use Windows BitLocker Drive Encryption, which uses your system TPM chip (if you have one), to encrypt your entire system.

A strong password only in your account in Windows, beside giving you protection against Windows Remote Desktop (Pro and up editions) outside connections (if you enable it and set it up), doesn't give you much. You can do a password reset.

You can block that by encrypting Security Accounts Manage or SAM for short, making Windows ask you for password before the OS loads. Attacks like "Windows Technical Support" scams, do once they convince you to give them right to remote access your system.

So that if you don't pay, next time you reboot, you are mostly screwed. Basically, you need to take the system back in time to fix it. But if the system has that feature disabled, or the restore points cleared, its a bit more complicated. You need a second system, to plug your HDD/SSD on, and recover your dta for re-install.

I am not sure if you upgrade Windows over current one, with the same version, if that is a possible fix. Never tried it.

Anyway, there is a tool in Windows that allows you encrypt SAM, called syskey.

Posted
  • Solution

The problem, is that your HDD/SSD can be removed, plugged onto another system and data can be pulled.

If you have Pro edition (or up) of Windows, you can encrypt selected file of your choosing (right-click on file > Properties > Advanced > Encrypt), with a generated certificate, which Windows will ask you to backup outside of your system the moment you use the encryption feature for the first time.

This will make, without the certification, 'impossible' for someone to access those encrypted files without your original account password to decrypt the generated certification in the OS, and without your backed-up certificate.

For better encryption method, you can use Windows BitLocker Drive Encryption, which uses your system TPM chip (if you have one), to encrypt your entire system.

A strong password only in your account in Windows, beside giving you protection against Windows Remote Desktop (Pro and up editions) outside connections (if you enable it and set it up), doesn't give you much. You can do a password reset.

You can block that by encrypting Security Accounts Manage or SAM for short, making Windows ask you for password before the OS loads. Attacks like "Windows Technical Support" scams, do once they convince you to give them right to remote access your system.

So that if you don't pay, next time you reboot, you are mostly screwed. Basically, you need to take the system back in time to fix it. But if the system has that feature disabled, or the restore points cleared, its a bit more complicated. You need a second system, to plug your HDD/SSD on, and recover your dta for re-install.

I am not sure if you upgrade Windows over current one, with the same version, if that is a possible fix. Never tried it.

Anyway, there is a tool in Windows that allows you encrypt SAM, called syskey.

Link to comment
https://linustechtips.com/topic/322914-windows-password/#findComment-4389023
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Operating Systems

×