How to bypass entering Admin Password in the UAC

I installed Windows Vista Business 32-bit version about a month ago and the
installation made my default account and Administrator account with a strong
password. I also created a Standard User account. I switch between both of
these accounts because I want to see how programs run between these two
account levels and the security differences.

When running Vista using the Standard Account, I entered the Administrator
password when prompted. This after a while gets tedious.

I looked in Vista's Local Security Policy - Password Policy and I
surprisingly found the 'Password must meet complexity requirements'
DISABLED.

I then switched to my Adminstrator account, went to User Accounts and
REMOVED the password from the Administrator account.

I logged in to my Standard User account in Vista, I can now run all
Administrator tasks and access Administrator programs without needing to
enter any password.

Why does Microsoft require you to enter a complexity password when
installing Vista and defaults the Local Security Policy - Password Policy
setting to DISABLED on this feature?

As a Standard User now, I can run any Admin task or program without entering
the Admin Password.

You are entering a password - a blank one. This is different from no
password as no password will accept anything. You must enter the exact
password you specified - blank.
-
"Mark (MCP)" <nipperspot-at-gmail-dot-com> wrote in message
news:uJYbRCDXHHA.1432@TK2MSFTNGP02.phx.gbl...
>I installed Windows Vista Business 32-bit version about a month ago and the
>installation made my default account and Administrator account with a
>strong password. I also created a Standard User account. I switch between
>both of these accounts because I want to see how programs run between these
>two account levels and the security differences.
>
> When running Vista using the Standard Account, I entered the Administrator
> password when prompted. This after a while gets tedious.
>
> I looked in Vista's Local Security Policy - Password Policy and I
> surprisingly found the 'Password must meet complexity requirements'
> DISABLED.
>
> I then switched to my Adminstrator account, went to User Accounts and
> REMOVED the password from the Administrator account.
>
> I logged in to my Standard User account in Vista, I can now run all
> Administrator tasks and access Administrator programs without needing to
> enter any password.
>
> Why does Microsoft require you to enter a complexity password when
> installing Vista and defaults the Local Security Policy - Password Policy
> setting to DISABLED on this feature?
>
> As a Standard User now, I can run any Admin task or program without
> entering the Admin Password.
>
>
>

<.> wrote in message news:Og58zGDXHHA.4668@TK2MSFTNGP04.phx.gbl...
> You are entering a password - a blank one. This is different from no
> password as no password will accept anything. You must enter the exact
> password you specified - blank.

In Vista the default Administrator account should always have a password.
Microsoft addressed this issue in Windows 2000 and Windows XP where the
Administrator account required a password and to my knowledge it could not
be removed (as in blank password).

Only on server. And vista does not require a password.
"Mark (MCP)" <nipperspot-at-gmail-dot-com> wrote in message
news:%23FkmuMDXHHA.4764@TK2MSFTNGP05.phx.gbl...
> <.> wrote in message news:Og58zGDXHHA.4668@TK2MSFTNGP04.phx.gbl...
>> You are entering a password - a blank one. This is different from no
>> password as no password will accept anything. You must enter the exact
>> password you specified - blank.
>
> In Vista the default Administrator account should always have a password.
> Microsoft addressed this issue in Windows 2000 and Windows XP where the
> Administrator account required a password and to my knowledge it could not
> be removed (as in blank password).
>
>
>

>
> As a Standard User now, I can run any Admin task or program without entering
> the Admin Password.

That's cool. Makes it much easier for malware to take over the system.

I just set my admin password in XP to blank. It can be done. However,
certain tasks will now fail. Remote desktop comes to mind.

"Mark (MCP)" <nipperspot-at-gmail-dot-com> wrote in message
news:#FkmuMDXHHA.4764@TK2MSFTNGP05.phx.gbl...
> <.> wrote in message news:Og58zGDXHHA.4668@TK2MSFTNGP04.phx.gbl...
>> You are entering a password - a blank one. This is different from no
>> password as no password will accept anything. You must enter the exact
>> password you specified - blank.
>
> In Vista the default Administrator account should always have a password.
> Microsoft addressed this issue in Windows 2000 and Windows XP where the
> Administrator account required a password and to my knowledge it could not
> be removed (as in blank password).
>
>
>

"ray" <ray@zianet.com> wrote in message
newsan.2007.03.01.19.03.56.976543@zianet.com...
> That's cool. Makes it much easier for malware to take over the system.

.....and he probably still has UAC running. Now, for no good reason.

I hope this was all "for a test". Or just an experiment. If you're going
to bypass UAC you might as well just turn it off.

However, to answer your question. They set it that way because this pisses
the average user off. People use certain passwords and if they don't
conform to a standard and the user needs to use something else...well, that
just causes a ruckus! MS decided not to piss people off and allow them to
use their own passwords as they see fit. With the exception of the admin
password. That's the one password they wanted to be strong.

In XP, there are many tasks that will fail with the Admin account having
a blank password.

On 3/1/2007 5:26 PM, Justin:
> I just set my admin password in XP to blank. It can be done. However,
> certain tasks will now fail. Remote desktop comes to mind.

You can actually allow that too (Local Security). But one would have to
choose a user name noone can guess and make sure default accounts that
haven't been renamed have passwords (because their names are well known).
"Justin" <None@None.com> wrote in message
news:Oq5X3EFXHHA.1016@TK2MSFTNGP04.phx.gbl...
>I just set my admin password in XP to blank. It can be done. However,
>certain tasks will now fail. Remote desktop comes to mind.
>
> "Mark (MCP)" <nipperspot-at-gmail-dot-com> wrote in message
> news:#FkmuMDXHHA.4764@TK2MSFTNGP05.phx.gbl...
>> <.> wrote in message news:Og58zGDXHHA.4668@TK2MSFTNGP04.phx.gbl...
>>> You are entering a password - a blank one. This is different from no
>>> password as no password will accept anything. You must enter the exact
>>> password you specified - blank.
>>
>> In Vista the default Administrator account should always have a password.
>> Microsoft addressed this issue in Windows 2000 and Windows XP where the
>> Administrator account required a password and to my knowledge it could
>> not be removed (as in blank password).
>>
>>
>>

On 3/1/2007 5:32 PM, Justin:
> I hope this was all "for a test". Or just an experiment. If you're
> going to bypass UAC you might as well just turn it off.

Vista is on a test system. I would use this type of method to bypass
UAC, I'd just disable it.


> [...] MS decided not to piss people
> off and allow them to use their own passwords as they see fit. With the
> exception of the admin password. That's the one password they wanted to
> be strong.

If Microsoft wanted the Administrator password to be strong, is a blank
administrator password considered this?