What is the default administrator?

[gbhall]

I got myself into a bit of a pickle where I felt I needed to use recovery console from my XP pro install CD. I just wanted to run FIXMBR to get rid of a grub loader I accidently installed (doh!)

However, starting recovery console got me immediately to the 'enter your administrator password' prompt which stumped me because I have no recollection of ever putting one in when I installed XP-pro in the first place - nearly 5 years ago - and indeed, I never sign on to my PC. As the only user, I like to auto-signon.

I tried just enter, admin, administrator and one I might well have used, but nothing rang XP's bell. Is there a default overall administrator password, or can I find out what it is in my case?

The actual MBR re-write I easily accomplished with UBCD4WIN (bless it !)

 

[LookinAround]

When recovery console prompts for password, just hit Return

If you never put a password on the Admin account, there's none. So hitting Return should work. give it a shot

(p.s. from the windows logon screen, you can also hit Ctl-Alt-Del twice. Should also allow you to enter the admin account for user Admin. Leave password blank)

 

[gbhall]

From the logon screen, pressing c-a-d twice gets me to an old-fashioned-looking network logon with default user myself (as I said, I am the sole user). I enter user administrator but am unable to enter a known password. Whatever it is It is not empty however.

So how do I find out what it is, or set it to something I can remember?

I tried run control userpassword2 which showed there actually is a user administrator, and there was also a reset button, which I took, and set a blank password. It now actually works, which says a whole lot of things, none complimentary, about MS security......

 

[LookinAround]

1) I think you need enter Administrator (cap "A") as the userid

But also
2) Since you're running XP (from your specs) and i assume your user logon has admin rights?
> Install TweakUI
> Run it (find it in C:\Windows\System32)
> Click on Logon in left pane. Check Show 'Administrator' on Welcome Screen
> Click OK

You should now be able to click Control Panel->Users, and now see the Administrator account listed, and if you have admin privil on your current account, you should be able to remove any passwork on Admin account..

/* edit */
OK. I don't remember if caps make a difference with Windows user ids, but 2) above should work assuming you have a userid with admin rights

 

[gbhall]

Well I dont need to go through the whole of what you suggest, as I have removed the password (whatever it was) from administrator. Just to run control useradmin2 seems effectively the same as the procedure you outline.

But your point about me having admin rights as myself is the answer (possibly) to why I was allowed to change the administrator password at all. To change the passwords, you do need to be signed on to XP as any user with admin rights

So MS security is not as bad as I originally thought. Just fairly poor, and weird.....why allow any admin level user to change anybody's password?

 

[DelJo63]

here's the scoop;

Until recently, an OEM installed Windows came with

• no passwords
• no login required
• (and depending upon the vender) you were running on the Owner or the Adminstrator login

Those that purchase a Retail CD may have done similar or whatever - - -

Vista & Win/7 now force you to create the LUA/UAC account and to specify the Admin password.

Attempting to use RUNAS will fail unless there is a password on the Admin account.

CP->User Accounts will show all user-ids on the system (if you're running from Admin)
{all except the 'hidden' Administrator}. XP/Home users must boot into Safe Mode to see
this hidden login.

Safe Mode will show you ALL logins with Admin priviliges - - you should be sure to set a password for all of these if you want to protect your system.

Any account can have Admin privs, but be careful there - - that opens the door for
"too many cooks" to spoil your soup (ie windows).

Personally, I've created an LUA account with some password xxxxx
and then set a prefix for the Admin account(s) passwords eg: admin-xxxx
so my pea-brain can remember them.

I also only use the LUA account when surfing the net to make just one more bump in the road for all attackers

 

[DelJo63]

forgot to mention:
You can set the NTFS ownership and / or permissions to

• the account Administrator
• the group Administrators

the latter of which can be very handy

 

[gbhall]

That's useful stuff, Jobeard, and if/when I upgrade to Win7 I will refer to it. I also take your point that using one account for all work is not the most secure choice.