This image is hosted on an Environmentally Friendly™ host.

  • behindthesailboats@lemmy.world
    link
    fedilink
    arrow-up
    181
    ·
    1 year ago

    Right, So I actually did something similar. On some version of windows I noticed that ctrl-backspace was adding another character to the password, instead of deleting it. So I included it in my password. Then I updated to a new version of windows and got locked out since they updated the password backend to where it would actually delete the password instead of a adding the character, so I had no way of typing out my password. Ended up just nuking the computer.

    • x4740N@lemmy.world
      link
      fedilink
      English
      arrow-up
      54
      ·
      1 year ago

      Could have just researched what character was being inserted by the ctrl backspace and then used the keyboard to insert the character from its ascii or unicode code to login and then changed your password before nuking your computer

      • this_1_is_mine@lemmy.ml
        link
        fedilink
        arrow-up
        26
        ·
        1 year ago

        early win98 and i think even into second edition you could just click the close window x button on the login window and it would just dump you onto the desktop. my parents thought adding a password would stop late night gaming… nope worked till i got discovered one fateful nigbt and i was grounded till i revealed how i found out what the password was.

        was eye opening for my father who then started just taking the power cords off the monitor and psu.

      • yum13241@lemm.ee
        link
        fedilink
        arrow-up
        2
        ·
        1 year ago

        All the login prompt did back then was let users save user specific settings. Your best bet back then was a BIOS password.

    • Knusper@feddit.de
      link
      fedilink
      arrow-up
      21
      arrow-down
      1
      ·
      1 year ago

      I know, this is easier said than done for someone unfamiliar with this stuff, but maybe still good to know that this is an option in future:

      You can prepare a “Linux Live USB” and select in the BIOS that it should boot off of that.
      It’ll start a complete OS off of that USB, so you can access the hard drive (assuming you didn’t enable disk encryption) and at the very least backup your files, or sometimes even resolve whatever keeps you from accessing Windows.

      • Appoxo@lemmy.dbzer0.com
        link
        fedilink
        arrow-up
        14
        ·
        1 year ago

        Remember: Those were probably the times of a single computer at home and having a spare laptop somewhere ready for that is not the default.

        • RustySharp@programming.dev
          link
          fedilink
          arrow-up
          9
          ·
          1 year ago

          Those were the times when I had to pull out my hard drive, ride my bike to my best mate’s house, and plug it into their PC so I could finish up a report due the next day. All because Windows 95 didn’t shut down cleanly and refused to boot.

        • Knusper@feddit.de
          link
          fedilink
          arrow-up
          2
          ·
          1 year ago

          I did actually remember that, but figured, they must have had some way of reinstalling Windows, too.

          I guess, though, they might have had a physical Windows install disk at home. So, yeah, would have had to prepare a Linux Live CD before disaster struck…

          • locuester@lemmy.zip
            link
            fedilink
            English
            arrow-up
            3
            arrow-down
            1
            ·
            edit-2
            1 year ago

            CD? Windows 98 first edition was released on floppies. And Linux was not some simple thing. Red hat hadn’t even created yum and Debian hadn’t even created apt.

            The late 90’s was a chore of library visits and 14.4k baud XModem transfer interruptions.

      • superkret@feddit.de
        link
        fedilink
        arrow-up
        10
        ·
        edit-2
        1 year ago

        You can also create a Windows installer USB stick, boot off of that, and start its command line to access the files on the installed Windows system. There you can copy CMD.exe over the file path of the accessibility options app.
        Then boot back to your installed system’s login screen and hit the button for accessibility options, which now opens a working command line logged into the installed system with admin rights. You can use that to reset your admin password.

        This hack has worked in some form since Windows 3.11 .

        • bort@lemmy.sdf.org
          link
          fedilink
          arrow-up
          6
          ·
          1 year ago

          This sort of nonsense right here is why infosec people warn about having physical access to machines

          • jvisick@programming.dev
            link
            fedilink
            arrow-up
            3
            ·
            1 year ago

            It’s not just because of nonsense, it’s more that it doesn’t really matter what you do - the only thing stopping someone with physical access to your machine is their level of determination.

            At some point, there’s no stopping the laws of physics. Your data is physically stored there. You can do a lot to make it really difficult to access it, but the best you can do is full disk encryption with a sufficiently strong key, and only store that key on external hardware that isn’t accessible to the attacker.

            Even then, you better make sure that your encryption key wasn’t hanging around cached anywhere in memory before you shut down your computer.

      • this_1_is_mine@lemmy.ml
        link
        fedilink
        arrow-up
        3
        ·
        1 year ago

        this i do all the time. you can even make a persistance on the drive so its not just like a fresh install every boot. really nice if you wont have access to internet on the host hardware so if you need sometool inparticular you can have it installed already

  • Norgur@kbin.social
    link
    fedilink
    arrow-up
    77
    arrow-down
    2
    ·
    1 year ago

    Doing that to annoy devs who didn’t sanitize their database inputs is like walking along parking lot just to see if anyone has forgotten to lock their car, just to put a post it in the steering wheel.

    • daw_germany@feddit.de
      link
      fedilink
      arrow-up
      8
      arrow-down
      1
      ·
      edit-2
      1 year ago

      Nah man, not sanitizing Inputs could pose serious security risks as someone could use this shit to escape and run arbitrary database queries potentially leaking passwords or other info or just wiping it (Afa I have learnt on the internet)

  • Neato@kbin.social
    link
    fedilink
    arrow-up
    21
    ·
    1 year ago

    Is this anything that a simple admin password reset wouldn’t fix? It’s not like admins can see your passwords anyways. (if the system is even remotely competent)