Skip navigation
Menu
Compute Engines

JSI Tip 3513. TweakUI hides DefaultPassword for Windows 2000 AutoAdminLogon.

In tip 0004 » Bypassing the WinNT logon prompt, I described the registry entries to bypass the Windows NT and Windows 2000 Logon prompt, and automatically logon.

This has always presented a security risk, as the DefaultPassword is stored in plain text in the registry.

In Windows 2000, if you use the TweakUI Logon tab to set the registry entries, the DefaultPassword value name is NOT created at the Winlogon key. Instead, a <NO NAME> value name, using the REG_DWORD data type, is created at HKEY_LOCAL_MACHINE\SECURITY\Policy\Secrets\DefaultPassword. This data value is encryted and NOT viewable by any means that I can find.


Hide comments

More information about text formats

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish
Related
quantum computing qubits
An Enterprise Guide to Quantum Computing
Jan 22, 2020
supercomputing blue squares chip intelligence
2019 Brought Red Hat Enterprise Linux 8, k3s and HPC-in-a-Box
Dec 19, 2019
person uses tablet to get support help
A Guide to Open Source Support Providers
Dec 13, 2019
Network servers in data center
eBay Shares Server Designs as It Rebuilds IT Infrastructure
Sep 15, 2018