BIOS passwords can be add extra layer of security for desktop and laptop computers, and are used to either prevent a user from changing the BIOS settings or to prevent the PC from booting without a password. BIOS passwords can also be a liability if a user forgot their passwords, or if a malicious user changes the password. Sending the unit back to the manufacturer to have the BIOS reset can be expensive and is usually not covered in an a typical warranty. However, there are a few known backdoors and other tricks of the trade that can be used to bypass or reset the BIOS password on most systems.
(more…)

That you’ll ever need?
Windows/Mac/Linux: Firefox extension and Internet Explorer add-on LastPass is a secure password manager for all your web passwords. Like other web-focused password managers, LastPass puts all of your individual passwords behind one master password. When you type in that master password, LastPass can then automatically log you in to any web site you visit with saved login credentials. Even better, LastPass syncs passwords over the internet, so all your saved passwords on your work computer, for example, will always be synced up on your home computer.

Create strong passwords, knowing you only have to remember one.

Log into your favorite sites with a single click

Access and manage your data from multiple computers seamlessly

Share logins with friends and let others share logins with you

https://lastpass.com

If you’ve ever saved a password when connecting to a website that requires authentication, for a remote desktop session or a mapped drive, you might have wondered where those passwords are saved. You can view these by going to the Start button then the Run dialog box and paste this:

rundll32.exe keymgr.dll, KRShowKeyMgr

or

control keymgr.dll

alternatively you can create a shortcut on your Desktop (more…)

by LysergicBliss
A cardinal rule of computer security is that once an attacker has
acquired physical access to a machine, it is generally trivial for
that attacker to fully compromise the system. As technology
improves, this is becoming less the case, but for now, if an attacker
has physical access to a machine, the attacker can generally breach
its security.
(more…)

Brief introduction on how Internet Explorer stores its passwords

(more…)

From Pauldotcom:

winlockpwn is a memory analysis tool released by Adam Boileau of storm.net.nz. This utility exploits firewire’s direct memory access. The operating system allows firewire devices to directly read/write memory without having to go through the processor. Sounds handy right? (more…)

Using BackTrack Live CD which can be found ::here::

For those of you who forgot your spiffy new Vista Logon password. Here’s a quick and dirty way to make a new user account. BTW, this has been around since XP but still useful.

(more…)

There are several ways to obtain password hashes, depending on their location and existing access. Password hashes can be obtained from SAM file or its backup, directly from local or remote computer registry, from registry or Active Directory on local or remote computer by means of DLL injection, from a network sniffer. The SAM file located in the %SystemRoot%\system32\config directory or %SystemRoot%\repair directory. It is also possible to recover the password itself from memory.

Here’s a few free tools to help you recover lost/unknown Windows passwords, most come with the source code included. (more…)