TechSpot

How to stop other administrators from removing administrators password?

By korrupt
Oct 12, 2006
  1. Hey, I am an administrator on my pc along with another person. Obviously I want my files to be private, but if the other administrator can simply remove my password, it doesnt work too well.

    Is there any way to stop Admins from removing other admin's passwords without losing other admin priviliges?

    Regards,

    Korrupt
     
  2. smore9648

    smore9648 TS Rookie Posts: 697

    Encrypt the folders that you do not want any one to get to. Only the user of the encrypted files has access to it.

    (Only if you have XP PRO)
     
  3. korrupt

    korrupt TS Rookie Topic Starter Posts: 716

    But I don't want them to be able to remove my password at all...

    Korrupt
     
  4. smore9648

    smore9648 TS Rookie Posts: 697

    I am unaware of anything that will help you with that.

    Trust in the other person is your only hope IM0
     
  5. Nodsu

    Nodsu TS Rookie Posts: 5,837   +6

    Make the other people power users, not administrators.
     
  6. Rick

    Rick TechSpot Staff Posts: 4,573   +65

    It's not too hard to change an admin password in XP Pro outside of Windows too... So doing so probably won't help you much if the other users are familiar with computers.

    The only real 'solid' way to prevent other admins changing your password is demoting them to power users and so on...
     
  7. korrupt

    korrupt TS Rookie Topic Starter Posts: 716

    Nodsu, that is not going to happen lol:(

    Rick, the other person is as computer illiterate as a broomstick.

    Is there no way to edit this in the registry? It's possible to remove the shut down button etc, so IMO it should be possible to remove the "remove password" button....

    No more Idea's anyone??

    Regards,

    Korrupt
     
  8. Darth_Terra1

    Darth_Terra1 TS Rookie Posts: 212

    Have you tried looking in the user and security policies area and see if there is an option to choose who can remove and set passwords and only set yourself.
     
  9. Mictlantecuhtli

    Mictlantecuhtli TS Evangelist Posts: 4,345   +11

    Why are such people administrators?
     
  10. Darth_Terra1

    Darth_Terra1 TS Rookie Posts: 212

    I was thinking the same thing, maybe the other guy co-owns the PC.
     
  11. korrupt

    korrupt TS Rookie Topic Starter Posts: 716

    The other person does co-own the pc lol...

    How would I get into the user and security policies area

    Korrupt
     
  12. Consiglieri

    Consiglieri TS Rookie Posts: 23

    For starters, change the name of your account to something that he wouldnt expect to be you.

    Furthermore, if you dont use the default administrator account. Try ctrl+alt+del (two times) at the login of windows xp. This will show u a basic login screen, where u can login as the default administrator. If your computer does not have the 'show default administrator' tweak, he cannot see it in useraccounts, and thus not change your password.

    Fyi, this info is all out of my skull, and i havent tested it all, so please try and let us know.
     
  13. jobeard

    jobeard TS Ambassador Posts: 9,342   +622

    this is dangerous!
    the encryption is tied to the login password; change the password and you've lost control of the encrypted files! really dumb implementation :knock:
    search the MS KB articles for details.
     
  14. Mictlantecuhtli

    Mictlantecuhtli TS Evangelist Posts: 4,345   +11

    Hmm.. I experimented with this a little, and it seems to me that it's not possible to both deny changing the password and have it working so that the user can log in.

    I removed SYSTEM's "Set Value" permission from the username & password registry key, and when I tried to do anything with the user, the system said the user didn't exist. I guess it needs writing permissions in order to log when something's happened.
     
  15. smore9648

    smore9648 TS Rookie Posts: 697

    Its not dumb. As long as you know what are doing you will be fine.
    But this is not the solution he is looking for.
     
  16. Consiglieri

    Consiglieri TS Rookie Posts: 23

  17. jobeard

    jobeard TS Ambassador Posts: 9,342   +622

    right, it's far worse; it's unconscionable to implement such a feature
    without a warning the user of the consequence of not having a recovery agent.
    this 'feaure' is viable only for systems with a domain controller, otherwise it's a virtual trap!

    All password guidelines say to change passwords frequently; even as soon as 30 days.
    oh what fun -- but hey, you're suppose to know all about the consequences :)
    give me a break. :eek: :blackeye:
     
  18. TimeParadoX

    TimeParadoX TS Rookie Posts: 2,273


    Well... if he is that dumb in computers how is he able to even put the "turn on" button? =D
     
  19. smore9648

    smore9648 TS Rookie Posts: 697


    I think you mean inconceivable not unconscionable.

    Why would you have a password policy on a standalone system? :stickout:

    I am done talking about this because this is not the solution he is looking for.
     
  20. korrupt

    korrupt TS Rookie Topic Starter Posts: 716

    we use the log in screen so we don't have the ctr-alt-delete log in thing.

    Korrupt
     
  21. smore9648

    smore9648 TS Rookie Posts: 697

    You can change that in the user account panel
     
  22. Consiglieri

    Consiglieri TS Rookie Posts: 23

    If u do press that combination twice, it will pop up and allow u to login as default admin.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...