Kid bypassing Laptop Windows Password

Ahh.

He has this then.

I did something like this 15 years or so ago using a PS3 internet browser to download a tool and a usb stick to execute!

I always got the better of my dad on this sort of thing. Good luck OP.
 
Ok one of the Kids is bypassing the the laptop (w11) password.
Two accounts on the laptop mine and theirs. Both with random passwords that can't be guessed. Kid still Managed to get on it.
Now I'm wondering has he a keylogger on it. Nothing in the USB ports. Could he have something on it that exists before Windows Loads.

I'm going to wipe the machine and put linux on it. Leave him with no account on it. But I'm curious how he's getting on it.
i suspect he has enabled the actual Administrator account and set his own password on it, not just a user account with admin right but the actual true administrator account that is disabled in windows.
he can even hide the account from the login screen:
 
Last edited:
:eek: :eek: :eek: :eek: :eek: :eek: :eek: :eek::eek:

This is why I would I wish Virgin Media would increase the complexity of their email passwords. 10 alphanumeric characters would take ~5 days to crack now.

71060733-12090925-Hive-Systems-a-cyber-security-company-recommends-passwords-over-a-1-1684331255886.jpg
 
Last edited:
Without seeing the methodology I'm not even sure I'd agree with the instant claims, instant is pretty quick after all, it's quicker than a jiffy. ;)

Also last time i tried to brute force a password 30+ years ago my 486 DX2 took so long i gave up and that was only a 5 character password.
 
Last edited:
Without seeing the methodology I'm not even sure I'd agree with the instant claims, instant is pretty quick after all, it's quicker than a jiffy. ;)

Also last time i tried to brute force a password 30+ years ago my 486 DX2 took so long i gave up and that was only a 5 character password.
The table is kind of disingenuous because the key parts of that methodology should be made clear on the graphic. They are numbers for cracking passwords hashed with MD5 (the weakest of the weak), from a data breach where both the database of password hashes and salts were leaked. See this thread.

I guess having a table full of "Instantly!" was more important to them than details like that...
 
It's an interesting table. I'm not sure I agree with the implied panic of a hacking time of 18 thousand years being considered 'amber' though. :D

I think you have to factor in the inevitable future advances in computing power and hacking techniques - what may take 18,000 years today may take only a couple of months in a few years time, so you might want to choose a solution which would currently take until the heat death of the universe to break, just to leave a safety margin for such advancements.

Of course this still doesn't account for possible game-changing technological developments, eg quantum computers.
 

OH MY GOD!!! :eek:

This is everybody, security researchers, companies, banks, governments and dads worst nightmare ever!

It only affect Android phones, maybe Android 14 or 15 will fix very severe critical exploit.

Your kid could buy this on dark net and use it to bypass your Android phone fingerprint security to access all password managers to find windows login password or pin or open bank apps to empty your bank accounts or maybe open your crypto wallets to transfer all your crypto to their wallets.
 
It's an interesting table. I'm not sure I agree with the implied panic of a hacking time of 18 thousand years being considered 'amber' though. :D

If you take into account the progress of technology maybe - things which as above on a 486 might take centuries are almost instant now. Though there is the speed of access as well potentially - most public facing systems won't allow rapid login attempts, but if you are trying to break a file's encryption offline you can batter it.

There is also the problem that even in this day and age it isn't completely unusual for passwords to be stored as say a 13 character hash, etc. even if you enter a long and complicated password.
 

OH MY GOD!!! :eek:

This is everybody, security researchers, companies, banks, governments and dads worst nightmare ever!

It only affect Android phones, maybe Android 14 or 15 will fix very severe critical exploit.

Your kid could buy this on dark net and use it to bypass your Android phone fingerprint security to access all password managers to find windows login password or pin or open bank apps to empty your bank accounts or maybe open your crypto wallets to transfer all your crypto to their wallets.

If only an iPhone was purchased.
 

OH MY GOD!!! :eek:

This is everybody, security researchers, companies, banks, governments and dads worst nightmare ever!

It only affect Android phones, maybe Android 14 or 15 will fix very severe critical exploit.

Your kid could buy this on dark net and use it to bypass your Android phone fingerprint security to access all password managers to find windows login password or pin or open bank apps to empty your bank accounts or maybe open your crypto wallets to transfer all your crypto to their wallets.
Only if you are stupid enough to have biometrics setup as the only authentication mechanism
 
Back
Top Bottom