Practicing good IT security is not always convenient. It can be tedious to change passwords without a dedicated password tool, but password rotation is a necessary step. Even though I don’t have an ideal tool for this task, I will show you how to rotate the local admin password on one of our servers. So, let’s log in and change it!
With previous versions of Windows, this was a bit easier. However, Server 2012 made some changes from 2008 that require additional steps since it doesn’t have “Windows Security.” From your workstation, you would remote desktop (RDP) to our Jump Box, then remote desktop to the server. Then you click on “Windows Security”:
You can still change it by going to “Computer Management” and then \Local Users and Groups\Users\ right-clicking on the administrative user and selecting “set password”:
However, Server 2012 will present a warning, as this is not the recommended way for a variety of reasons; including encrypted file system (EFS) issues. If you press CTRL+ALT+DEL as instructed, you will receive a prompt on our local workstation. If you press CTRL+ALT+END, as we’ve learned from years of RDP, you will receive a prompt on our Jump Box:
At this point, it seems you are stuck – an unintended consequence of Microsoft’s changes from Server 2008 to 2012. So how do you safely change my local admin password?
How to Change the Password in a Remote Desktop Session
Step 1: For tablet and accessibility support, Windows includes an on-screen keyboard (OSK)! Start -> Run -> osk.exe or search for osk:
**NOTE: When you type CTRL+ALT+DEL on the OSK, it also gives a warning!
Step 2: Hold down CTRL+ALT on your physical keyboard and click DEL on the OSK:
Step 3: The correct “Change Password” prompt will finally appear:
This may seem more inconvenient since there is not a dedicated tool. But this method addresses the problem without having to utilize a tool, so you can secure your password quickly and move onto other tasks.
Credit for this post should be shared with friend of SealingTech, Tony Pimenta.
– By Austin McAlexander SealingTech is proud to provide our customers and mission partners with industry leading carry-on compliant server hardware while maintaining the performance characteristics of traditional data center…
More than ever, cybersecurity, as an industry and as a field, has been growing exponentially in terms of the workforce and reach. From commercial and conglomerate entities such as banks,…
Over the past 3 years, I have been supporting Defensive Cyber Operations (DCO) capabilities for various Department of Defense (DoD) customers, along with an additional 7 years within Network Security…
Sign Up for Our Newsletter
Get all the recent SealingTech news and updates right to your inbox monthly.