random-c.livejournal.comI haven't done phone support in a while.
Had a developer phone up, asking for the main user password for an XPe system I'd built a while ago. I know what this password should be. We went through typing it in. No go. No caps lock, no character misunderstandings. Tried the admin user - straight in, and that's a far nastier password. There's a problem with the admin user however: someone's set the shell to nothing. Standard practice for the user setup but not for admin. OK. Up comes task manager, regedit, fix it. Reboot. Yay, we have a start bar. Maybe I didn't set the user password to not expire... nope, that's set. Aha! It's automatically logging on as the user, so the password will be in the registry in plain text.... and here we find the problem. Whoever had the box before this guy, and did this final setup not only borked the Administrator user setup, but they'd changed the box's password to Password, and updated the registry to match. And then didn't tell the dev they'd given it to. Nice. I wish I knew who to kill for this.