There are various tools that will allow you to boot and set a new password on an NT-based Windows OS, which comes in handy at times here at work.
If you have XP Home then they can easily use pwdump to grab the PW file and then a cracker to crack it, as everyone has admin rights by default in Home.
Surely, though, with enough tries they could guess the password too with physical access, as a reboot would get around the lockout.

But that would probably take quite a few tries.
I'm not sure if you can set a new PW via the Recovery Console, but a Win2k CD will boot into the Recovery Console without requiring an admin password on an XP install. That could be a problem also.