Forgotten Passwords: Difference between revisions

From Info Wiki
Jump to navigationJump to search
(added password change procedures)
 
No edit summary
 
(2 intermediate revisions by the same user not shown)
Line 6: Line 6:
#<nowiki># su fred</nowiki>
#<nowiki># su fred</nowiki>
#execute password command to change password for user "fred"
#execute password command to change password for user "fred"
<nowiki>$ passwd</nowiki>
#<nowiki>$ passwd</nowiki>
#'''logout''' from root account
#<nowiki>$ exit</nowiki>
#<nowiki># exit</nowiki>
#<nowiki>$</nowiki>


== Root Password ==
== Root Password ==
Line 18: Line 22:
#execute password command to change password for user "fred"
#execute password command to change password for user "fred"
#<nowiki>$ passwd</nowiki>
#<nowiki>$ passwd</nowiki>
#return to booted environment
#<nowiki># exit</nowiki>
#safely unmount installed system
#<nowiki># umount /mnt</nowiki>
#if running from installed OS, then '''logout''' from root account

== Physical Security ==
It will be seen from the above that any password could be changed on a computer to which physical access is obtained. Any unencrypted '''data''' could then be retrieved from such computer. It is therefore essential to:
*prevent unwanted physical access to working computers
*securely erase SSD/HDD storage on computers sent for disposal
*physically destroy or securely erase unwanted removable media such as floppies, USB, SD, CD/DVD

Latest revision as of 22:52, 12 September 2016

User Passwords

User passwords can be reset as follows:

  1. log in as "root"
  2. switch to user account, eg for user "fred"
  3. # su fred
  4. execute password command to change password for user "fred"
  5. $ passwd
  6. logout from root account
  7. $ exit
  8. # exit
  9. $

Root Password

Root password can be reset only via booting another Linux on the same computer - either:

  • another installed Linux
  • a utility USB/CD booted on the computer - these generally run from the root account
  1. mount the partition containing the root filesystem of the installation for which password reset is required - eg for /dev/sda10
  2. # mount /dev/sda10 /mnt
  3. change to the mounted partition
  4. # chroot /mnt
  5. execute password command to change password for user "fred"
  6. $ passwd
  7. return to booted environment
  8. # exit
  9. safely unmount installed system
  10. # umount /mnt
  11. if running from installed OS, then logout from root account

Physical Security

It will be seen from the above that any password could be changed on a computer to which physical access is obtained. Any unencrypted data could then be retrieved from such computer. It is therefore essential to:

  • prevent unwanted physical access to working computers
  • securely erase SSD/HDD storage on computers sent for disposal
  • physically destroy or securely erase unwanted removable media such as floppies, USB, SD, CD/DVD
Retrieved from "http://pcug.org.au/info/index.php?title=Forgotten_Passwords&oldid=1634"