Password
protecting a laptop does not ensure data protection, the password
protection of laptops provides a false sense of security. Passwords on
laptops are good to implement to prevent unauthorized access, however
when a thief steals a laptop and has time, getting around the password
is quite simple. There are also issues if there was no way to get
around passwords, as even admins forget them and need access to the
system. Passwords are good to have, but will not stop a thief from
accessing the device, only slow them down a bit. Here is a quick run
through of some common techniques for getting around the passwords for
different platforms:
Windows XP & Vista
Windows can be cracked using several available tools one popular one is
OphCrack,
which is free. The software can works with Windows, Mac OS X and
Linux. It comes with a LiveCD version which automates the retrieval,
decryption, and cracking of passwords from a Windows system. The latest
version uses a new faster technique using rainbow tables and can crack
99.99% of alphanumeric passwords of up to 14 characters in usually a
few seconds, and at most a few minutes. The software works with older
versions of Windows as well.
Another commerical product is
Proactive Password Auditor from
Elcomsoft. The software utilizes similar techniques to OphCrack but
with a bit more automation and a friendlier user interface. The product
basically makes password a mainstream technique that anyone can use to
gain access to a system.
OS X
For
OS X 10.4 The root password can be easily reset in OS X by booting the
system from the Mac OS X installation CD and selecing the Reset
password option under “Utilities” from the installer screen and follow
the directions.
OS X 10.5 can be reset using single user mode. (hold down ‘Command’ and ‘S’ during reboot or startup.)
At the prompt, type fsck -fy
Type mount -uw /
Type launchctl load /System/Library/LaunchDaemons/com.apple.DirectoryServices.plist
Type dscl . -passwd /Users/username newpassword replace with the real “username” and follow with the new password, as shown.
Linux
Boot Linux into single-user mode
- Reboot the machine.
- Press the ESC key while GRUB is loading to enter the menu.
- If there is a ‘recovery mode’ option, select it and press ‘b’ to boot into single user mode.
- Otherwise, the default boot configuration should be selected. Press ‘e’ to edit it.
- Highlight the line that begins with ‘kernel’. Press ‘e’ again to edit this line.
- At the end of the line, add an additional parameter: ’single’. Hit return to make the change and press ‘b’ to boot.
- Change the admin password
The
system should load into single user mode and you’ll be left at the
command line automatically logged in as root. Type ‘passwd’ to change
the root password or ‘passwd someuser’ to change the password for your
“someuser” admin account.
- Reboot
Enter ‘reboot’ to restart into your machine’s normal configuration.
These
are just a few techniques used to get around password protection on
laptops. The first thing that should be implemented is making passwords
longer, a 14 character password can be cracked in a matter of minutes.
Most IT administrators require a password of 8 characters, this is not
sufficient. It is better to devise a phrase instead of just a word.
Encryption, Encryption, Encryption
If
you have sensitive information on your system, it is important to
ensure that the data is encrypted, many operating systems have this
built-in and there is also free encryption tools such as
TrueCrypt
that provide excellent encryption, so even if your password protected
laptop is cracked, your data is still secure, just make sure you use a
different password for your encrypted drive.
