Sometimes the Correct Answer is to not Answer

“Standards!!” I shrieked, hands partially extended in front of me, palms up and fingers bent and twisted like a long dead Joshua tree.

I was working the tech bench at a SMB near the beginning of my career. An old desktop PC that was on a losing streak with the second law of thermodynamics sat before me. I was trying to log in as the local administrator to perform some banal task that was the technological equivalent downing a box of Nytol.

“Let’s try this one…” I mumbled and clattered for a brief moment on the keyboard. “GAAAAHHH!” Once again I burned two eyeball sized holes in the ceiling as I turned my contorted face upwards in an expression that would have made Colin Clive petition for my Oscar nomination.

The IT department had attempted to put the same local admin password on all of our PCs. However, maintaining nearly 30 separate images for the various PC models that we accrued over the years insured that a few things would be nonstandard here and there. Also, there were long forgotten back-room and warehouse PCs that were never blessed with an image-based deployment and were instead set up as one-offs with who knows what settings, accounts and passwords.

“I seem to remember this one being used at one point…” Clickety-clack. “WHAT HIDEOUS MONSTER OF NON-CONFORMITY DEPLOYED THIS STUPID… ?!?” I growled through clenched teeth. I couldn’t make too much noise lest people passing the back room that we techs performed our rituals in get worried and call security. The IT department had a close relationship with security, however the officers couldn’t turn a blind eye to me going all Texas Chainsaw Massacre on company property. I took a deep breath and regained my composure.

There were several local administrator passwords that had been used in times past, and I had tried them all. I even tried the domain admin password hoping that someone had made a mistake and put the wrong password in. I even tried some generic passwords like ‘letmein’ and ‘password’ (hey, it had worked once or twice before). This time nothing was working.

I sat, head in hands, contemplating my next move. I could reimage the aging machine… that is if it even had an image that was made sometime after Lycos was the hip new way to search this World Wide Web thing. The computer had programs and data on it that were of indeterminate function and worth. I ‘d have to copy the data and hope I could reinstall the apps the proper way. This was turning into a nightmare.

There I sat, head in hands, a sad figure that was on the brink of being vanquished by my ancient foe. I tried to quiet the frustration by emptying  my mind of thoughts. I took a deep breath and composed myself in a peaceful blank. Nothingness.


“Wait…” I looked up and stared at the Windows login box. “Administrator” as the username, the cursor strobed in the password box. It rhythmically taunted me in the blank input field. Blank.

Face frozen in an expression of distrust, but edged with hope… I tapped the enter key. I was greeted with the hopeful, breathy Windows login chime.

(Thanks to Richard Holloway‘s comment on my post “Before you Ask are you Ready for the Answer” which reminded me of this anecdote that happened several years back. You might be interested in Ed Bott’s article “It’s OK to use a Blank Password“.)


  1. the_angry_angel

    July 23, 2010 at 6:03 pm

    Sometimes its just quicker and easier to use something like Sala’s Password Renew on a WinPE, Kon-Boot, or Offline NT Password and Registry Editor live CD :)

    Totally see where you were coming from here tho – its the almost like a rite of passage that we all have to go through in this sort of career it seems 😀


    • Wesley.Nonapeptide

      July 23, 2010 at 7:51 pm

      At that point my hacking skills wouldn’t have been sharp enough to crack a password if it was written on a post-it note and placed under the desk phone. It’s a miracle I was able to figure it out at all. 😉


  2. Graycat

    July 26, 2010 at 3:21 am

    Oh the joys of local admin passwords! :) lol

    I agree with the churlish cherub regarding the NT Offline Password Reset disc is a godsend in that situation.

    After getting miffed with the same situation at our place I deployed a script via gpo that resets the local admin password to something rather long and complex ….. like 25 characters long. That combined with one that removes the logged on user from the local admin group (only affects normal users and not us techies) well lets just say a lot of reoccurring issues were resolved. :)


    • Wesley.Nonapeptide

      July 26, 2010 at 11:43 am

      At that very place, the plan was to do just that. Deploy a GPO that uncoupled all local users from the local admin group. However, after years of people getting accustomed to that, we decided to gently roll out that plan by decoupling folks on a case by case basis, mostly when new PCs were deployed.

      And I think we used an old version of l0phtcrack which cracked our local admin password like a rotten almond. Guess we weren’t as clever as we thought. =)


Leave a Reply

Follow TheNubbyAdmin!

follow us in feedly

Raw RSS Feed:

Contact Me!

Want to hire me as a consultant? Have a job you think I might be interested in? Drop me a line:

Contact Me!

Subscribe via Email

Your email address is handled by Google FeedBurner and never spammed!

The Nubby Archives

Circle Me on Google+!

Photos from Flickr

Me on StackExchange

The IT Crowd Strava Group

%d bloggers like this: