Neil Carpenter's Blog : PASSGEN

PASSGEN

Occasionally, I see a security incident where one of the things that went wrong was that all of the customer's machines have the same password for the built-in administrator's account. Whenever this happens, I suggest the PASSGEN tool that was included with the book "Protect Your Windows Network" by Steve Riley and Jesper Johansson. Obviously, most people don't want to run to the bookstore in the middle of a security incident but, fortunately, it was available on their website.

Unfortunately, the website disappeared recently and I had to scramble around to find it. If you're looking for PASSGEN (and you should be if you have the same password for local admin across a number of machines), you can find it in two places:

Published Wednesday, October 22, 2008 2:52 PM by neilcar

Filed under: Security, Tool

Comments

# re: PASSGEN

Wednesday, October 22, 2008 3:37 PM by Larry Seltzer

You must see this a lot on Windows Home Server, which almost forces you to have the same admin password on all systems including the server.

# re: PASSGEN

Wednesday, October 22, 2008 4:23 PM by neilcar

My team deals with security incident response in the corporate space so I don't see that; however, I'm not so sure it would be a problem. I run WHS at home and, while things run smoother if user accounts have the same password across multiple machines, there is no dependency on the builtin\administrator accounts on those machines.

New Comments to this post are disabled

Neil Carpenter's Blog

This Blog

Syndication

Search

Tags

Archives

About Me

PASSGEN

Comments

# re: PASSGEN

# re: PASSGEN