To remove the Stored User Names and Passwords from your system, :
Click Start, Run and type Control keymgr.dll Remove the entries from the list.
The other ways to access this dialog are:
Type Control Userpasswords2 in RUN box, click Advanced, Manage Passwords
OR
From Control Panel, select your User Account, on leftside of the corner click Manage your network passwords is there just click and remove the password
If the network location is not listed in the Manage Network Passwords dialog, proceed further, to the manual removal routine:
The password is stored in the Protected Storage area in the XP registry. To remove the stored password for the Network location, follow these instructions:
Click Start, Run and type REGEDIT and press Enter Navigate to the following key:
HKEY_CURRENT_USER \ Software \ Microsoft \ Protected Storage System Provider \ <SID for your Account> Assign your user account Full Permission for this key, and sub-keys. Once done, press F5 key to refresh the registry view. Locate the appropriate sub-key which contains the MS IE FTP Passwords.
Hint: Look for the MS IE FTP Passwords Display String value in the right-pane for each sub-key. The password may be stored here: (The <SID> string varies)
HKCU \ Software \ Microsoft \ Protected Storage System Provider \ <SID> \ Data \ 5e7e8100-9138-11d1-945a-00c04fc308ff \ 00000000-0000-00 00-0000-000000000000 Once you locate the correct sub-key, backup the key to a REG file Delete the key which contains the user name & password for that Network location
How to clear saved network passwords in Windows XP ?
Start>Settings>Control Panel>User Accounts>Change Account>{Select User to clear stored pass}>Manage My Network Passwords then clear stored account..
OR
In Windows XP, go to Control Panel > User Accounts.
- In the User Accounts window that displays, click on Change an Account.
- Then click on the Account for which you want to clear the saved network passwords.
- In the next screen, in Related Tasks section, click on "Manage my network passwords".
This will open the "Stored User Names & Passwords" dialog where you can clear or edit the saved logon information.
Before I start the central aspect of this article - resetting the Linux root password, let me quickly introduce you to boot loaders and the GRUB.
A boot sequence is the initial set of operations that the computer performs when the power of a computer is switched on. A boot loader typically loads the main Operating System for the computer.
A computer's central processor can only execute program code found in the Read-Only-Memory (ROM) and Random-Access-Memory (RAM). However, when the computer is switched on, it does not have an Operating System in its ROM or RAM. So a computer initially executes a small program stored in a ROM, which in-turn loads the required code and data into the RAM for execution.
This small program which performs this process is known as a bootstrap loader, bootstrap or a boot loader. This program is generally not the Operating System, but a miniature program which will load the required Operating System into the RAM from the non-volatile storage.
There are several popular boot loaders used today - GRUB, BOOTMGR, LILO and NTLDR. The GNU GRUB (GNU GRand Unified Bootloader) is a boot loader package from the GNU Project and is one of the most popular boot loaders available today. LILO (LInux LOader) is a generic boot loader for Linux. NTLDR (NT Loader) is the boot loader for all releases of Microsoft's Windows NT Operating System. In later versions of Windows like Vista and Windows 7, NTLDR was replaced by the Windows Boot Manager (BOOTMGR).
In this article, we restrict ourselves to the GRUB loader. Typically, a few dual-boot environments and a few Linux based Operating Systems use the GRUB as their boot loader. Here is a screen-shot of the GRUB loader of Red Hat Enterprise Linux 5 -
There are many scenarios where we might need to reset the root password of our Linux system. Consider you have been assigned to a Linux system to work with and the previous owner forgot to give you the root password; maybe you are in the middle of an important project and you don't have the root password of the system when you need it urgently and the worst part - the system administrator is not in sight; or maybe you just forgot it. The possibilities are limitless.
But remember, before you attempt to change or replace the password of any machine, make sure you have the necessary permissions from the management authorizing it. If not, it can be mistaken as an attempt to hack into the machine, which is not ethical.
Start the system, when the selection screen comes up, navigate to the line for Linux and press 'e'
Now, select the entry that begins with the word - 'kernel' and again press 'e'
Append 'single' to the end of the existing line. Make sure there is a space between the existing content and 'single'
Press 'b' to boot into Linux as the root
You are now in the special mode called the "Single-User Mode".
If prompted for the root password here, restart the system and in the previous step, append 'init=/bin/bash' after 'single'
Use 'passwd' to specify the new root password
I am sure that reading this procedure would have caused apprehensions in the minds of several readers about the security of their systems. Using this method, anybody can hack your system. So if you want to be careful and avoid such situations, you will need to restrict any modifications to the GRUB. This can be done by protecting the GRUB by using a password.
Open the shell prompt and login as the root
Use the 'grub-md5-crypt' command to get the MD5 hash of your GRUB password
Open '/boot/grub/grub.conf' and add 'password -md5 ' below the timeout field
Save and exit
From next time, if you want to edit the GRUB, you will have to press 'p' followed by the GRUB password. The downside of this is that there is an extra password for you to remember. Well, accessibility has always been a trade-off in security.
Note - Changing passwords of a system without proper permissions is unethical and illegal, which may lead to legal complications. So always follow a proper authorization channel before changing the passwords.
To ensure security of the Oracle database system and prevent unauthorized access to the Oracle database, it's important for Oracle users to not only using strong and long Oracle passwords to avoid brute force or dictionary attacks, but also to change the Oracle user password regularly. Oracle users also have to change the password when the password has or going to expire, if database system administrator implements and enforces strict password control with PASSWORD_LIFE_TIME option for user profiles which limits the number of days the password can be used for authentication to login to the system.
To change the Oracle password, users can use SQL*Plus or Oracle SQL and PL/SQL language interface administration tool such as Toad for Oracle. No matter what SQL apps you use, the commands and SQL query languages used to change the password are similar.
There are two SQL command syntaxes that can be used to change Oracle database user password:
ALTER USER user_name IDENTIFIED BY new_password;
or (from Oracle8 and above):
PASSWORD
For above SQL query, if you need to change another user's password, use the following command:
PASSWORD user_name
For PASSWORD command, after you press Enter, you will be prompted to input the old password and new password interactively. For example:
SQL> password
Changing password for DAVID
Old password:
New password:
Retype new password:
Note: You need to have enough privileges to change other Oracle user's password.
As the variable in italic implied by name, user_name is the user whose password wishes to be changed, and new_password is the new password to assign.
As ALTER USER SQL syntax will send the new password to the Oracle database server unencrypted if use without Advanced Security Option, and thus expose to security risk, Oracle users should always use the PASSWORD command to change the Oracle user password.
Everybody knows, including hackers and attackers that all Linux and UNIX flavored systems come with a all powerful root user account, which once get compromised, mean all hell breaks loose. So it's a good security practice to disable the ability for root user to able to login and gain access to the server system via SSH directly (of course, the system must have disabled FTP access). After disabling direct root SSH remote login, the chance for the brute force hacking to success is greatly reduced.
To turn off and disable direct root SSH login, follow this simple tutorial:
IMPORTANT: Make sure you have another account (preferably belongs to wheel user group too) which is able to login via SSH remotely, and able to SU to root user account. Else you risk been locked out from your server.
SSH into server and login as root.
In command shell, use pico or vi to edit sshd_config file by typing one of the following commands:
pico /etc/ssh/sshd_config
vi /etc/ssh/sshd_config
Scroll down the SSH server configuration file and locate a line like below:
#PermitRootLogin yes
Uncomment the line by removing the hash symbol (#), and then change the "yes" to "no". The final line should look like below:
PermitRootLogin no
Save the config file. In pico, press Ctrl-o, follow by Ctrl-x. In vi, type :wq and press Enter.
Restart SSH server by typing the following command in command line, and press Enter:
/etc/rc.d/init.d/sshd restart
Logout from SSH connection. Try to login as root, it should fail with Access denied error. To access root account, login with your own user name and password, and then SU to root.
Other then the ways specified here to reset and change the root password for mySQL database in the case that the password is forgotten or lost, the following instructions explain in details the alternative way at the last part of the guide, where no additional file needs to be created:
Login as root to the Windows or Unix-like (Unix, Linux or BSD) machine with the MySQL server.
Stop the MySQL server by using either of the following command:
Alternatively, start the MySQL server directly and skip the editing with the following command:
mysqld_safe -skip-grant-tables &
Depending on your path environment, you may need to point to the correct directory where mysqld_safe is instead.
Run the following commands to login as the mysql user and connect to mysql user/permission database:
# mysql -u root mysql
Run the update queries to change the MySQL password:
mysql> UPDATE user SET Password=PASSWORD('newrootpassword') WHERE User='root';
mysql> FLUSH PRIVILEGES;
Note: Replace newrootpassword with the new root password for MySQL server. Flush Privileges is needed to making the password change effect immediately.
Exit mysql database client by typing exit.
Stop MySQL server with commands listed at step 2.
Open the mysql server startup script edit in step 3 again and remove the -skip-grant-tables parameter that has been added.
Start MySQL server by using command from step 5 or 6.
For Redhat Linux users, use the following instructions as the root user of Redhat Linux machine:
Stop MySQL process by using command:
# killall mysqld
Start the MySQL server with following options:
# /usr/libexec/mysqld -Sg -user=root &
Start the MySQL client:
# mysql
You should see the following message:
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 1 to server version: 3.xx.xx
Type 'help;' or 'h' for help. Type 'c' to clear the buffer.
mysql>
Use mysql database:
mysql> USE mysql
You should see the following message:
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
Then, update the password for the root user with the following command:
UPDATE user SET password=password("newpassword") WHERE user="root";
Replace newpassword with your desired password. You should see the following message:
Windows NT, Windows 2000 and Windows XP users who have forgotten the administrator account password has many ways to hack, crack, recover or reset the administrator password. Another way to break into a Windows PC which locks with forgotten or unknown password is to use chntpw, a Linux based program to change and reset the password of a Windows administrator account.
Chntpw is a program designed to overwrite and set Windows NT or Windows 2000 SAM password of any user that has a valid (local) account by modifying the encrypted password in the registry's SAM file. User of chntpw does not need to know the old password to set a new password. Actually, chntpw is now available in the form of bootdisk or LiveCD which includes necessary stuff to access NTFS partitions and scripts to glue the whole thing together.
Chntpw works on NT system which is offline (turned off), and can only be used on local machine and cannot be used on a remote machine. However, chntpw can be installed on a Linux system such as Ubuntu, and then used to recover by resetting Windows user account password by mounting the Windows drive, connected via physical IDE/SATA/SCSI interface or USB portable disk.
Chntpw can be installed using aptitude for user using Debian based system,
It is pretty easy to use and can be found and installed using aptitude if your using debian based system, or can be downloaded and installed in Ubuntu with a simple "sudo apt-get install chntpw" command. Chntpw is likely to be contained in other distributions package manager too, or the source code can be downloaded from http://home.eunet.no/~pnordahl/ntpasswd/editor.html.
Chntpw Usage Guide
Mount the Windows NTFS, FAT or FAT32 partition to the Linux system, allowing read and write access support.
Locate the SAM file for Windows 2000, Windows NT or Windows XP, which is normally located at the either \Windows\System32\config or \Winnt\System32\config folder. Change directory to inside the folder, there are a number of files such as SAM, SYSTEM and SECURITY.
Inside the folder, issue the following command to automatically change the administrator password:
chntpw SAM
Issue the following command (replace USERNAME with actual user name on the computer) to change the password for a normal restricted user account:
chntpw -u USERNAME SAM
Tip: To list all the users in the SAM file, use the chntpw -l SAM command.
Chntpw will display some information on screen, and then prompt for new password to reset the existing password. Enter a new password for the administrator or user account.
Tip: To reset the password to blank (no) password, enter * (asterisk).
Unmount the drive, and then restart the Windows computer. The password for the administrator or user account reseted should be changed accordingly.
There are other options for chntpw, which can be displayed with the following command:
chntpw -h
# chntpw help and usage
chntpw version 0.99.3 040818, (c) Petter N Hagen
chntpw: change password of a user in a NT SAM file, or invoke registry editor.
chntpw [OPTIONS]
[systemfile] [securityfile] [otherreghive] [...]
-h This message
-u
Username to change, Administrator is default
-l list all users in SAM file
-i Interactive. List users (as -l) then ask for username to change
-e Registry editor. Now with full write support!
-d Enter buffer debugger instead (hex editor),
-t Trace. Show hexdump of structs/segments. (deprecated debug function)
-v Be a little more verbose (for debuging)
-L Write names of changed files to /tmp/changed
-N No allocation mode. Only (old style) same length overwrites possible
See readme file on how to extract/read/write the NT's SAM file
if it's on an NTFS partition!
Source/binary freely distributable. See README/COPYING for details
NOTE: This program is somewhat hackish! You are on your own!
In Windows 7 you have to enter a password in order to log in to Windows. This is to protect your PC from Unauthorized access by others. If you are only the one using your computer every time when you start Windows 7 need to to enter the password to log in. This becomes very irritating. So here is how to log in to Windows 7 without entering any user name or password .
In the run menu type control userpasswords2.
Just press WIN + R to get the RUN menu.
The user accounts windows will now open up.
Look for the option saying " Users must enter a user name and password to use this computer " and uncheck this option and press "OK".
Now a windows opens up asking you to enter the current password you use to log in to Windows 7. Enter the password and confirm. Done!.
From now on when you boot to Windows you will not be asked or prompted to enter the user name and password. This can also save a couple of seconds while starting Windows.
We use the "Remember Me" feature in most form logins to help the signing in process faster. But taking advantage of that sometimes makes us forget what our real passwords are. If you often stare at the asterisks and wonder what's your actual password, try this trick. It uses Javascript alert popup to reveal you the password behind the asterisks.
Retrieving password behind asterisks
This trick only work on Firefox browser. On any page or login forms with asterisks passwords, copy paste the following Javascript into the url bar and hit enter. Your password should display on a popup window.
Script
javascript:(function(){var s,F,j,f,i; s = ""; F = document.forms; for(j=0; j<F.length; ++j) { f = F[j]; for (i=0; i<f.length; ++i) { if (f[i].type.toLowerCase() == "password") s += f[i].value + "\n"; } } if (s) alert("Passwords in forms on this page:\n\n" + s); else alert("There are no passwords in forms onthis page.");})();
Make a bookmarklet
if you think you will be using this quite often, try creating a bookmarket out of it. Just drag Retrieve Passwd to your Firefox bookmark toolbar, rename if you want.
Having problem retrieving your lost Windows password? This video tutorial by PCWorld teach you various methods how to retrieve your password. Video after jump.
Here's URLs to the 3rd party applications and website recommended by PCWorld.
if you think you will be using this quite often, try creating a bookmarket out of it. Just drag Retrieve Passwd to your Firefox bookmark toolbar, rename if you want.
Posts
