Wikibooks:Requests for deletion/Reverse Engineering/Cracking Windows XP Passwords

How to Crack Windows XP Passwords
Again, illegal material. Wikibooks has a noted history of deleting pages that promote illegal activity. Even if this isnt completely illegal, this page currently is not a book, nor does it have enough direction and scope to become a book. Also, the page doesnt even really describe how to crack the password, it only points the reader to a website that does it for you. It is therefore not teaching a subject, can hardly be considered a textbook, and should be deleted anyway. --Whiteknight T C E 15:27, 1 November 2005 (UTC)


 * Keep: This isn't illegal material at all. Ever take into consideration that you may perhaps need your own password which was changed as the result of a hacking attempt on you? Say your system is corrupted, and your login password has been scrambled (trust me, I've had this happen). Wouldn't you like to be able to see what the password is so you can at least change it back to what it originally was? This isn't illegal material. What the reader chooses to do, using this material, however, may be illegal. But this article wasn't written in hopes of inspiring hacking attacks. -D14BL0
 * Delete. I second Whitenight's comments. Surely there are a million and one more worthwhile 'books' to start compiling here on Wikibooks! David Kernow 16:45, 1 November 2005 (UTC)
 * Keep - I disagree that this information is strictly to promote illegal activity. Indeed quite difficult to do that at all, as in order to get at this information and do this "hack" you have to have physical access to the computer instead of merely network access.  I have actually heard technicians suggest that if this situation occurs where you have to get into a computer when you have forgotten the password, that it would be better to simply reformat the hard drive and reinstall the operating system.  This "hack" allows you to get back into the computer instead, which would be an entirely legal activity.  If the computer isn't behind a locked door or in a secure area, why would anything be on that computer that is sensitive or confidential anyway?  There would be many other security issues to deal with besides being able to hack at a PC and get access to administrator accounts, and even this hack can be defeated if you know anything about computer security and don't want somebody messing with your PC. As far as other worthwhile books, fine, write them.  I'm not stopping you.  Don't click on this web page and you will never have to read about hacking into Windows XP again.  It takes up so little server space that it isn't worth the bother of deleting, which will still keep the content on the server anyway. As far as being something worth teaching, this would be an excellent module for a PC Technicians' toolkit Wikibook.  Having a bunch of techniques to help examine the contents of the computer and help fix problems and diagnose conditions on a PC would have incredible value.  Certainly this module could use some cleaning up, but so do most Wikibook modules.  --Rob Horning 17:31, 1 November 2005 (UTC)
 * But that doesnt change the fact that this book doesnt actually provide information on how to crack the password, it only points the user to a webpage that does it for you. If nothing else, the current incarnation of this page is simply a shameless plug to a webpage that can break passwords. The policy discussion, specifically discussion around the Reverse Engineering book focused alot of attention on books that offer specific exploits to security problems, and the general concensus was that books that offer specific exploits should not be permitted. This book offers such specific information on a particular security exploit, and i think therefore that it qualifies for deletion. A majority of the information (minus the website plug) could probably be merged into the security section of the Reverse Engineering book, but that might still violate policy. --Whiteknight T C E 17:52, 1 November 2005 (UTC)
 * Do you think that if I put registration keys up, that people would just use them to recover their programs? No! They'll use it to unlock the trial versions. Until this world contains people without bad intentions, I say delete!
 * As far as the website plug is concerned, that is an issue that needs to be dealt with as part of a clean up campaign. The basic algorithm can be adapted, and even put into Wikibooks directly without the web reference.  As far as general concensus that specific exploits shouldn't be discussed or describe, I hardly call the vote for that concensus to be from a widespread group of Wikibooks users.  The community is still quite small here on Wikibooks, and we need to be a little flexable on general policy in that regard.  Also, I fail to see how you can talk about exploits without getting into some specific details by demonstrating some specific examples.  That is like trying to learn about human anatomy without actually looking at people without their clothing or being able to cut people open to examine just what the various organs of the human body really look like.--Rob Horning 15:32, 2 November 2005 (UTC)
 * Delete (or possibly Expand?) for the reasons Whiteknight mentioned in his followup. I don't think the concept of breaking a password is illegal, as there are legitimate reasons to want to do so. However, the "book" in question doesn't instruct in any traditional sense or provide any depth of information. While I think a book on the Windows password system would be interesting, and potentially very entertaining, I don't think this page is that book, or is likely to become it. --Telamon 23:00, 1 November 2005 (UTC)
 * Keep If someone presents evidence that cracking one's own password file is illegal, then I can vote Delete. If this module does not become a book, then it could be attached to Cryptography as an example. --Kernigh 03:39, 2 November 2005 (UTC)
 * Keep I am the original author of the page. I have no relations to the websites mentioned. It took me a bit of thinking to figure out how to reformat the output of the floppy disc for the cracker and it took quite a bit longer to find the cracker in the first place. I wrote down my experience to help people who may be in similar situations. It can be expanded by the various methods of obtaining the hashes and the various methods of cracking them. WP 05:24, 2 November 2005 (UTC)
 * Merge I can only see keeping this page if it gets merged into an existing book, and does not attempt to stand alone as a book fitnessed for breaking a particular password scheme. I recommend that it either be included in the Cryptography book (as a side note on how windows passwords are stored), or in the Reverse Engineering book, as an example of how to reverse engineer and circumvent a password-protected system. If the over-all concensus is to merge, i will start working on this immediately. --Whiteknight T C E 14:58, 2 November 2005 (UTC)
 * ... or in a book on Securing Windows XP, Troubleshooting Windows XP, Microsoft Windows Inside OUT!, or Windows System Administration. Uncle G 17:56, 2 November 2005 (UTC)
 * Delete as per nomination. I agree with User:Whiteknight, cracking passwords are illegal, and this article doesn't belong in Wikibooks. --FlyingPenguins 05:32, 4 November 2005 (UTC)
 * Keep because despite the ignorance or prejudice of others, cracking passwords is not illegal. I have had the need to crack quite a few of my old passwords which I'd forgotten, and also crack passwords on servers because the only one who knew the password left the company.  As stated before, however, the page in and of itself is not a "book" and should be combined with other security information.  Also perhaps include a disclaimer about the actions that would be construed as "illegal", such as accessing a system to which you do not have authorization.
 * Merge I think the information on it is fine and belongs on wikibooks, but this does not meet the length requirements for a book. It ought to be merged into either a security or Windows book.  --Gabe Sechan 23:16, 4 November 2005 (UTC)
 * Keep I believe this knowledge should not be hidden, it shows a weakness that any SysAdmin should know. Tom Maioli 15:34, 5 November 2005 (UTC)
 * Keep but modify:this page is exposing vulnerabilities of a system,and the autor mabe doesn't know how to get rid of theses vulnerabilities...so why not modyfying it in order to tell people that solutions exist and give them the right one
 * Merge A lot of the claims against this are really, in my opinion, bull. It has been stated repeatedly that it is NOT illegal in any sense to recover passwords on computers you own, and that this information could be useful in helping you recover a forgotten password. People seem to refuse to listen. Yes, this password could be used for illegal purposes, but so could instructions for making fire. Should we delete all information on that based on the idea that some people could use it for arson? Or even based on some unfounded proposition that "most" people who want to know how to make a fire will use that knowledge for bad means? No, of course not. This is potentially useful knowledge, and is not of a personal or illegal nature at all. Although it can be potentially used for illegal means, that does not matter. Furthermore, although this is certainly more the size of a wikipedia article, and could not constitute as a 'book', it most certainly is useful, educational, important information. As to those people who are against keeping solely because it tells the user to make use of external resources, such as other websites: BFD, it tells a user to use a website as a tool to getting something done. Big deal. That doesn't change the fact that the information is extremely useful, it could mean the difference between recovering your files and losing them. Ideally, it would explain how the reverse-hashing process works, and explain the theory of how to attain the SAM file, so dependence on a foreign program would not be necessary. But even if it doesn't right now, that doesn't matter, it still fulfills the educational needs of the user reading it. It does describe "how to crack a password", white knight, just because it doesn't do it in the way you'd like doesn't mean it should be deleted. It should be expanded to be more informative and explanatory, but it still does the job. 64.223.231.204 22:22, 6 November 2005 (UTC)
 * i have 2 critisism on this page:
 * not neutral=> need to tell people what to do against this treat
 * too specific=>must be integrated in a bigger book about computer or windows security
 * but this could become a great initiative over computer security by the way i do not use anymore windows and i have some old install and so cracking(i've a better solution=>change the password(faster) with the same method and an ntfs driver) my old and forgotten password can be usefull(so i didn't crypt all my hd...) and there could also be forgotten after a long hollyday...
 * Keep Security through Obscurity is widely argued to be an inadequate means of protection. Fostering this paradigm is of little aid to the developers of products which run on Windows XP.
 * In fact, open source software (such as Linux) tends to be more secure that others (such MS Windows), because security holes can be proactively addressed. (Note that when Microsoft patches a security vulnerability in their software, in most cases, that flaw has existed since release.  Flaws in an open source system can be addressed before vulnerability is discovered or “proof of concept” is exploited with malicious intent.
 * I did not know of the importance of passwords greater than 14 characters. This article has been of use to me and I will be updating my XP password.


 * Keep. Useful information.  Not illegal.  -lethe@en.wikipedia.org 01:02, 10 November 2005 (UTC)
 * Keep. It is useful. Nuking your own password is not illegal at all. As for implications of this information... Freedom means to accept everything, no matter how unpopular or distasteful to you. Keep it.-chayharley@en.wikipedia.org 08:53, 10 November 2005 (UTC)
 * Delete. Of course it's not illegal, but does that make it worthwhile? The kid doesn't even discuss how to crack the password, just where to go to get it done and the internet is already overflowing with info like that. If it was an intellectual teaching of encryption and decryption, using the flaws in Windows security to illustrate, you could appreciate it, but as it stands it's nothing more than a wikification of some text file that some kid found on hotline. I say replace it with a book called "How to get a girlfriend" something far more useful than knowing where to go to crack a windows XP password.
 * Keep/Merge Not illegal and can be useful. Probably should be merged somewhere.Juliusross 12:39, 10 November 2005 (UTC)
 * Delete Do you think that if I put registration keys up, that people would just use them to recover their programs? No! They'll use it to unlock the trial versions. Until this world contains people without bad intentions, I say delete!
 * Keep Despite the fear-mongering, the information is useful and the process itself is not illegal. Until this world contains people that won't murder, let's lock everyone in solitary jail cells?  Ridiculous. 166.89.26.43 18:18, 10 November 2005 (UTC)
 * Keep. &mdash;Brim 01:36, 12 November 2005 (UTC)
 * Keep Sake of science and for experimental purposes. Deleting this would be like having someone post a book on how to use john the ripper and someone saying delete it because of illegality. Simply because it could be used for illegal activity doesn't mean it will be, many people enjoy learning this information for the sake of knowing it. - 69.251.125.187 02:21, 12 November 2005 (UTC)
 * Keep I installed XP months ago and didn't care much about security so I just typed asakfj as an administrator password. I also had myself as a user with admin privledges.  Today I was playing around with the settings on my user account.  I changed my account type to a standard user without realizing what that meant.  After I reboot my computer I couldn't install or remove programs because I no longer had admin rights.  Since I had no idea what I used for the administrator I couldn't even go into safe mode.  I was pulling out all my setup disks and drivers getting ready to sit in front of my computer for hours watching it reinstall everything when I found this article.  Whether you think it is "hacking" or "cracking" I still think it is important for public information so that people don't have a false sense of security by thinking their data is untouchable if they use an administrator account.  Please Keep it!  Thanks
 * Keep Nothing is lost by keeping this. And deleting takes extra work.
 * Keep An anti-virus software might not get installed if the user doesn't have admin privelages. Virus time-bombs might activate before they can be deleted if that user doesn't have admin privelages. Better safe than sorry.
 * Keep Interesting and useful on some occasions. Anyway, hiding security holes is never the right solution.

COMMENT There are quite a few anon votes here. I have a list of the anon IPs and how they voted in case the closing Admin wants them. And how long is this thing going to stay open anyways? -- LV (Dark Mark) 16:50, 15 November 2005 (UTC)


 * I think the general concensus is to Keep this book, although it cannot stand alone as a module itself, and needs to be merged into another book. I recommend either the Cryptography book, or a "Using Windows", and efforts are in progress now to make those merges happen. --Whiteknight T C E 17:08, 15 November 2005 (UTC)


 * Well, actually from my count (discounting anons) I see 6 keeps, 4 deletes, and 3 merges (some votes are counted twice: delete or merge type votes). So really there is no consensus, so default to keep. So let's close this thing and get it off this page. -- LV (Dark Mark) 17:20, 15 November 2005 (UTC)

Keep Deleting this article will take more time to do. It's a lot of work to accomplish. I feel that if you delete the 'Windows' article, you'll regret it. --LucilleBall T C E 22:28, 7 November 2008 (UTC)

Since the general concensus was to Keep, I've moved the page to Reverse Engineering for now. The above link is now a redirect. This action is easily reversed, and the page can be moved to any future Wikibook as well. This is just to give a home at the moment. This discussion will be archived in one week. --Rob Horning 17:44, 15 November 2005 (UTC)