Windows 2003 password changes

  • sanjibgupta
  • Born
  • Born
  • sanjibgupta
  • Posts: 2

Post 3+ Months Ago

Hi
I have installed windows 2003 in my server. The server runs apache webserver.

I have installed server on last friday and logged into it for several times but on monday i cannot log on to the server with the same password.

Can any one tell me how the password gets changes as i have installed the server twice before and got the same result of password being changed

The server has RAID installed.

Please can any one tell me what happened and how i can come out of the problem.

Is it possible to log into the server without installing it fresh.

Thanking you in anticipation of a reply
Sanjib GUpta
  • Anonymous
  • Bot
  • No Avatar
  • Posts: ?
  • Loc: Ozzuland
  • Status: Online

Post 3+ Months Ago

  • Don2007
  • Web Master
  • Web Master
  • Don2007
  • Posts: 4924
  • Loc: NY

Post 3+ Months Ago

Does anyone else have access to the machine? I never heard of a password changing on it's own.
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

Don2007 wrote:
Does anyone else have access to the machine? I never heard of a password changing on it's own.


I agree. It doesn't change on it's own.
  • sanjibgupta
  • Born
  • Born
  • sanjibgupta
  • Posts: 2

Post 3+ Months Ago

No one has access to server.
  • ATNO/TW
  • Super Moderator
  • Super Moderator
  • User avatar
  • Posts: 23456
  • Loc: Woodbridge VA

Post 3+ Months Ago

They only legitimate thing I can think of is you enabled SysKey encryption in mode 2 or 3. Scroll down this link for details
http://www.windowsecurity.com/articles/ ... llers.html

Quote:
Some of the most security-sensitive data that’s stored in Active Directory is password information for domain accounts. The System Key (Syskey) is used to encrypt the account password information stored in the directory services database on the domain controller.

There are three modes in which Syskey operates. In mode one, enabled on all Server 2003 computers by default, a system key is generated by the computer randomly and an encrypted version of the key is stored locally. In this mode, you can still restart the computer normally.

In mode 2, the system key is generated and stored in the same way as with mode 1, but an additional password, selected by the administrator, provides further protection. When you restart the computer, you must enter this system key password during startup. This additional password is not stored locally.

Mode 3 is the most secure method of operation. The computer-generated key is stored on a floppy disk instead of locally. You can’t start the computer unless you have physical possession of the floppy disk, as it must be inserted in the disk drive when you are prompted during startup.

Note

Before implementing mode 2 or 3, consider logistical factors involved. For example, inserting the floppy disk containing the syskey password requires an administrator on-site; this means you would not be able to reboot the server from a remote location if no one is on-site to insert the floppy disk.

Here’s how to create a system key:

1. Click Start | Run and type CMD.
2. At the command prompt, enter SYSKEY.
3. Click UPDATE. The ENCRYPTION ENABLED option should be selected.
4. To require a syskey startup password, click PASSWORD STARTUP.
5. Enter a strong password (the password can be from 12 to 128 characters).
6. If you don’t want to require a startup password, click SYSTEM GENERATED PASSWORD.
7. The default option is STORE STARTUP KEY LOCALLY. If you want to store the key on a floppy disk, select STORE STARTUP KEY ON FLOPPY DISK.

If you use the mode 3 option, storing the password on a floppy disk, be sure to create a backup of the floppy disk.

It’s important to understand that if you lose the floppy disk or it becomes damaged, or if you forget the administrator-selected syskey password, there is no way to recover other than reinstalling the domain controller.


Outside of that the only other thought that comes to mind is that the OS is not a guenine Windows 2003 Server copy and is allowing an intruder remote access.

Windows 2003 server does not change passwords randomly on it's own. Even if you have required password change after specified intervals you are still going to be prompted before the change is made.

Post Information

  • Total Posts in this topic: 5 posts
  • Users browsing this forum: No registered users and 40 guests
  • You cannot post new topics in this forum
  • You cannot reply to topics in this forum
  • You cannot edit your posts in this forum
  • You cannot delete your posts in this forum
  • You cannot post attachments in this forum
 
cron
 

© 1998-2014. Ozzu® is a registered trademark of Unmelted, LLC.