

How to Crack the Account Password on Any Operating System - MikeCapone
http://www.joetech.com/how-to-crack-the-account-password-on-any-operating-system/

======
RiderOfGiraffes
I thought I'd read this before. Courtesy of <http://searchyc.com> we get this,
different site, exact same article:

<http://news.ycombinator.com/item?id=1180910>

Lots of comments there.

tl;dr - if someone can access your hardware, you're toast unless you use
encryption.

------
MikeCapone
Is it truly as simple as using the install OS X CD? Does it only work if you
aren't using filevault?

~~~
andfarm
Correct on both.

------
jodrellblank
For the record, that Windows weakness isn't because Microsoft are too dumb to
design a secure OS in 2010, it's because in XP and Server 2000/2003, passwords
<=14 characters are also stored in the older, weaker, unsalted LanManager hash
format for backwards compatibility reasons.

If your password is greater than 14 characters this wont happen, and if you
are using Server 2008, Vista or Windows 7 this wont happen unless you enable
it explicitly.

Edit: Following Rider's link to a previous submission, it seems Ophcrack does
attack NTLM hashes. Wonder if it rainbow-tables them in 10 seconds?

