The Most Common Ways of Breaking into a Windows PC
In the virtual world, just like in the real one, there is no security that cannot be bypassed or cracked. No matter what security companies tell you, no matter what any ad might claim, if someone puts enough effort into it, he or she will eventually get around those safety measures. I'm pretty sure you already knew this but, in case you didn't, thinking that your files are safe because you're using a Windows password is an incorrect assumption. However, since I can't offer you a guaranteed solution, I thought it would be helpful for you know the most commonly used methods of breaking into someone else's PC. This will, at least, give you the advantage of knowing what to expect and how to make things as difficult as possible for the other party.
Trinity Rescue Kit
In order to gain access to someone's Windows account, all you need is a little bit of time and the right tools. For example there is this sly tool called Trinity Rescue Kit, which was originally designed to help people who got locked out of their own computers regain access by resetting their Windows password. But since the road to hell is paved with good intentions, this Linux-based tool is mostly used to reset passwords from other people's operating systems.
The way it works is not very complicated, but, as previously stated, requires some time. All the attacker needs to do is go to the Trinity website, download the Trinity Rescue Kit ISO file and burn it to a disk or make a bootable USB memory stick. When that's done, they will simply find an opening (when you are far away from your PC) and boot the computer from the previously mentioned kit. It will take a while for the disk / USB to load, but once the main menu is ready, things are very simple, and in just six easy steps your password will be gone: Windows Password Resetting --> Interactive Winpass --> < select partition > --> Edit User Data and Passwords --> < Windows username > --> Option 1: Clear (Blank) User Password.
In order to protect yourself against this method, the best thing for you to do would be to encrypt the entire operating system with a tool like TrueCrypt (free). If the password is wiped (like it was in the above case), the person behind the attack won't be able to access any of your files. Additionally, this method does not work on Windows 8 users who log-in with their Microsoft account. However, if they use a local account, the tool can easily bypass it.
Ophcrack is another evil tool, and this one was developed with nasty intentions from the get go. This method is used to find the user's password, so a solution like TrueCrypt won't work this time, as the person breaking into your PC will also have access to the encrypted files. Furthermore, this nasty application also works against Windows 8 users who use their Microsoft accounts to log-in, so previous defenses are off the table.
The way this hacking tool works is the following: the attacker downloads the Ophcrack Live CD, burn it on a disk or copy it on stick and boot your PC using the respective device. Then all he or she has to do is instruct the tool to start cracking the password. Furthermore, if the hacker is in a hurry, there is also a text mode which could speed things up, but it doesn't work against randomly generated passwords (those that don't make sense). When it's done, the tool will display the password(s) found, and then all the other person has to do is boot normally and log in with your account to gain full access.
I know it sounds pretty grim, but it's actually not as bad as you might think, as the tool uses a direct attack method called Rainbow Tables, and it has to make use of your hardware in the attempt to crack the password. This means that your CPU is responsible for trying millions of combinations, and if you're not using top of the line technology, that might take a while. Furthermore, if you use a long password (15 or more characters), especially one that won't make sense to others, you can delay the crack for a very long period and maybe even ensure that the hacker doesn't have enough time to crack into your system.
Another Linux-based solution, BackTrack is a free tool which is very easy to get a hold of. This program is capable of doing a lot of nasty stuff to a Windows-based PC, like accessing every available network resource, finding vulnerabilities, forensic analysis, etc. Furthermore, it can also use privilege escalation techniques to change or remove your Windows password, and unlike the previously mentioned attack, it takes very little time.
I admit, my hacking skills and knowledge in the area are limited, but as far as I know, this is one of the best and quickest solutions for attacking a single PC or several devices connected into a network. Unfortunately, there isn't much you can do to protect yourself against this kind of attack, as it will bypass your Windows password no matter what. The only available solution is encrypting your sensitive files and hope that the attacker doesn't have the know-how to crack the encryption, though he can simply copy them on a portable storage device and keep trying.
Linux Live CD
Let me put it this way: basically, anyone who has ever installed and used any Linux operating system knows how to break into your PC. The easiest solution to bypass the Windows password protection is to boot the PC from any Linux Live CD kit and then easily access all the files stored on the hard-disk. (As you can see, there is absolutely no hacking or cracking involved.) In case the files in question require special privileges, all it takes is the sudo nautilus command (which, once again, most people who use Linux know), and they can access everything,
Once again, the main solution for defending yourself against this is to keep your sensitive files (or the entire OS) encrypted.
As you've probably noticed, the main defense tactics against hacking attempts are strong encryption techniques and complicated passwords. In case you're not sure about what encryption tools do or which ones to use, I've already written an article about it, which you can find by clicking on this link. Additionally, in case you forgot your own password, you can also a find a piece about an alternative solution for bypassing the Windows password by clicking here.
However, what's even more important is that, as I've demonstrated in this article, attackers can get access to the files stored on Widows PCs pretty easily. This means that, even if those files are encrypted, hackers can copy them on a portable storage device, take the data with them and attempt to crack the protection for as long as needed. One could try more advanced security measures, such as self-destructing files or remote system wipes, but that's a lot more advanced, and we will talk about it in a future article.