How safe is your Windows machine? Would putting a password on your account and changing the administrator’s password guarantee your machine’s safety? No, it won’t.
Windows passwords are stored in a file called SAM, which is located in the C:/windows/system32/config folder. It’s inaccessible from within Windows. But all you need to get access to the SAM file is a bootable Linux CD. Once you boot from a Linux CD, you can just navigate to that location and copy the SAM file. Believe me, it is as easy as that.
If you use BackTrack, a popular Linux distribution used for penetration testing, rather than a normal Linux distribution, you can try to crack the SAM file without leaving the targeted machine. BackTrack has all the tools you would ever want for this kind of thing. You can use John the Ripper to try to crack the SAM file with a dictionary file, which is nothing more than a collection of possible passwords. Or you can use a tool called chntpw, which can be used to inject a username and a password into the SAM file. Then you can use that username and password to log in to the system.
If you are booting from any other Linux distribution, you can just copy the SAM file to a pen drive and take it home! Yes, take it home and crack it. You can use a tool like ophcrack to crack a SAM file.
OK, then, here is the good news. You can easily protect yourself from this kind of attack. The best way is to set a BIOS password and change the boot order so that the hard drive is the first choice to boot from. This prevents the machine from being booted from bootable disks. If that is impossible, it is best to use characters other than alphanumeric characters, such as ‘$#%’, in your password. These symbols make passwords hard to crack.
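To make the last point checkable, here is an added example (not part of the original post) that audits a candidate password before you adopt it: it reports how much the symbols enlarge the brute-force search space, and whether the password is still just a dictionary word with symbols swapped in or tacked on. The word list, the substitution table and all function names are assumptions made up for this example.

```python
import math
import string

# Constructed sample word list standing in for a cracker's dictionary file.
SAMPLE_DICTIONARY = {"password", "letmein", "dragon", "monkey", "welcome"}

# Assumed table of common symbol-for-letter swaps that dictionary rules undo.
SWAPS = str.maketrans({"@": "a", "4": "a", "$": "s", "5": "s",
                       "0": "o", "1": "l", "3": "e", "!": "i"})
PADDING = string.digits + string.punctuation


def is_dictionary_based(password, dictionary=SAMPLE_DICTIONARY):
    """True if the password is a dictionary word after undoing simple disguises."""
    lowered = password.lower()
    variants = {
        lowered.translate(SWAPS),                  # welcom3   -> welcome
        lowered.strip(PADDING).translate(SWAPS),   # P@$$w0rd! -> password
    }
    return any(v in dictionary for v in variants)


def charset_size(password):
    """Size of the alphabet a brute-force search must cover for this password."""
    classes = (string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation)
    return sum(len(cls) for cls in classes if any(c in cls for c in password))


def brute_force_bits(password):
    """Approximate search space in bits: length * log2(alphabet size)."""
    size = charset_size(password)
    return len(password) * math.log2(size) if size else 0.0


def audit(password, dictionary=SAMPLE_DICTIONARY):
    """Summarise how a password holds up against dictionary and brute-force guessing."""
    return {
        "dictionary_based": is_dictionary_based(password, dictionary),
        "has_symbol": any(c in string.punctuation for c in password),
        "charset": charset_size(password),
        "bits": round(brute_force_bits(password), 1),
    }


if __name__ == "__main__":
    for candidate in ("dragon", "P@$$w0rd!", "t$9Lq#vR2%xk"):  # constructed samples
        print(candidate, audit(candidate))
```

A password that reports `dictionary_based: True` gains little from its symbols, however large its character set looks.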