Repeatedly having my Windows 10 Account Passwords Hacked.

[Thelps]

Wondering if anyone here knows high-security ways to secure the Windows SAM (Security Accounts Manager) file from being hacked via remote network access or physical access to an unattended machine.

Have already informed the police (though they don't do anything) that a neighbour or local burglar enters the property when I'm out and copies written passwords. They may also install malware on the computer or perhaps all hacking is done remotely via installed malware.

Regardless, the local area constantly give me the impression that my computer activity is closely watched.

Can anyone answer the questions in the first paragraph or give me advice on how to maximise security and the privacy of my computer and its usage?

 

[Bif]

The only thing I can say is to use a ridiculously strong password using hexadecimal,upper and lower case letters.
And DON'T LEAVE PASSWORDS WRITTEN DOWN IN PLAIN SIGHT..
Just an FYI, ALL of your computer activity is always being closely watched regardless of compromised passwords.

 

[Trouble]

AND...... You should probably consider wiping it completely if you're convinced that it is compromised.
You can create the best password in the world, but if you have a keylogger watching you, it's a waste of time and effort.
Get the installation media, wipe the machine as in low level format, disconnect it from any network, perform a clean custom install, change all your usernames and passwords everywhere, even if it means creating new accounts from scratch.

 

[Thelps]

I appreciate the above advice and have very recently fully reinstalled the OS. I'm beginning to think it's a neighbour since the passwords are guessed so quickly.

If it is then this surely counts as harassment as well as a slew of other crimes. I just wish they'd leave me alone.

Anyway, if anyone can think of more inventive ways to identify the hacker or intruder or evidence of their efforts, or very inventive ways of securing the computer in order to discourage them it would be very helpful.

 

[Tim Locke]

Reinstall the machine with Linux. Don't write down passwords. Don't use WiFi.

 

[Tim Locke]

A simple question. Do you have remote access turned on? Have you ever turned it on?


Another one. Do you see anything in startup ( use Task manager) that you are not sure about? And do you see any services that look suspicious?

And yet another. Any accounts on the machine that you didn't put there?

 

[Thelps]

A simple question. Do you have remote access turned on? Have you ever turned it on?


Another one. Do you see anything in startup ( use Task manager) that you are not sure about? And do you see any services that look suspicious?

And yet another. Any accounts on the machine that you didn't put there?

I'm probably confused, but under Settings > Accounts I am the only account on the machine.

There are, of course, multiple Auditing accounts (Administrator, Administrators, System, etc.) though my understanding is these are all automatically managed from the computer.

I once had the Remote Desktop service active to allow Microsoft tech support to troubleshoot the machine. It is now disabled.

I once also thought I saw it listed as 'Running' under Services.msc despite the fact its Status was set to 'Disabled'. I may have been tired and misread what was there but if you're familiar with any malware that shows that exact symptom that might help me clean the machine and identify the infection vector.

 

[Norton]

Is your modem WEP - WPA secured? I would be turning off my SID broadcast name, changing the access password and also PC password.

 

[Thelps]

I've tried all of the above suggestions at one time or another but so far no solution has resulted in the desired effect.

I can only assume that my internet use is being actively monitored by an individual or group of individuals (rather than by an automated system designed to prevent crime or security breaches).

If anyone has some expert knowledge as to how to identify hacking attempts on the local hardware and how to obfuscate internet use across the ISP and wider internet - that would be ideal.

 

[Bif]

Just contact you IPS and let them know of your concern.. they should be able to make suggestions as what to do..

 

[Trouble]

I've tried all of the above suggestions at one time or another but so far no solution has resulted in the desired effect.

And despite all that .... you're still being targeted and harrassed?

Do you have any idea what has made you so popular with this person or persons?
What is on your computer that someone needs so badly?
Have you lost any critical data, passwords, credit card numbers, bank account numbers, something that you can provide to the police as evidence of a crime?
Anything left on your computer as possible evidence of cyber-stalking, or cyber-bullying?
Do you have any suspicions or suspects (friend, family member, neighbor, stranger)?

There are professionals who specialize in forensic examinations who may be able to assist you or possibly even a local, trusted, tech shop that might be able to suggest a combination of physical firewall products coupled with software to protect yourself against this type of harassment.

 

[Thelps]

I tried setting up an IPS on my last clean install of this OS

Just contact you IPS and let them know of your concern.. they should be able to make suggestions as what to do..

I tried configuring an IDS on my last clean install of this OS but I probably didn't follow the instructions correctly. Furthermore it was a poorly designed IDS and only detected intrusions - it did not prevent them.

Mainstream, paid-for Antivirus software seems to send so much data back to the central server network of the vendor as to constitute a form of spying in and of itself.

Has anyone successfully maintained the absolute privacy of the contents of their computer and total privacy of their internet usage?

I'm trying to do work on my computer but am constantly publicised to various data-collection agencies / companies who, when I fail to purchase their products, proceed to further publicise exactly the work which could result in me getting paid enough to even consider their merchandise.

I'm trying to maintain the privacy of my work and influences long enough to allow me to develop a unique product, rather than one that is clearly the result of a series 'rip-offs' of other people's work.

 

[Bif]

I meant to say ISP.. they may have a handle on it.
I'm at a loss as why you are being targeted.

 

[Thelps]

I meant to say ISP.. they may have a handle on it.
I'm at a loss as why you are being targeted.

I don't know either.

This is usually described as 'third party influence' in my diction. Someone who assumes you want something without being able to cater to their own wants and needs. Third parties usually become extremely reactionary when their services are declined, which is why I'm nervous as to the results of my requests for internet privacy.

I can only hope that most people on this forum realise that when content / data is uploaded to an internet server and when that server receives a request for such data, there really is absolutely no need for any human being whatsoever to be aware that such an exchange of information occurred between client and server.

The only event such record is even needed is if activity occurred that directly 'red flags' specific contents of a server's activity log and even then only that data exchange requires inspection.

I'm presently in a situation where most of my activity is observed. If I have performed any behaviour that contravenes such 'laws' of the internet then I would expect a warning or request for change of behaviour from a neutral party, be they 'third' or otherwise.

 

[Tim Locke]

What make and model is your router. Is your ISP connection automatic with DHCP? Did you ever log on to your routers admin page and change its password?

Routers can be hacked but it is unlikely but I think that the routing tables could succumb to a man-in-the-middle attack where all your traffic is being intercepted...unlikely but not impossible.

 

[Bif]

As well, did you use the default router password when setting things up or did you change it?
It's scary as hell how many folks just use the default password..this could very well be the problem.

 

[Thelps]

Indeed. A mobile phone set to 'sniff' a router's broadcast frequency will pick apart any broadcast encryption in a matter of hours if not faster.

Changing the password becomes more of an inconvenience for the user than the individual automating such a task. However, such an automated task should fall under the crime I define as 'hacking' though which I'm sure security experts have a more technical term.

Regardless, Wi-Fi is the least secure of all data distribution methodologies of which I'm personally aware.

You would continue to assume that such activity remains criminal, however, and further reduces the productivity of someone attempting to work to develop a saleable product. If this is contrary to a more corporate mentality of how to go about developing products, it wouldn't be beyond the corporations budget to effectively 'ignore' an individual that isn't on their payroll and which has respectfully and politely declined such 'services' on numerous occasions.

 

[Bif]

I'm not sure what you're objective is anymore.. legal action?.. advice on legal action?..?
Not certain if the info you are looking for is here..

 

[Thelps]

I can't really disagree with you Bif.

I suppose I'm looking for a very in-depth, technical forum as far as Windows is concerned.

The advice provided above is useful but unfortunately mostly the kind of information of which I'm already aware.

If anyone has more technical, in-depth knowledge of ways to protect against the slew of freely available, well-publicised tools to hack a computer, could they please PM me.

Much appreciated for all your assistance.

 

[Grizzly]

Wondering if anyone here knows high-security ways to secure the Windows SAM (Security Accounts Manager) file from being hacked via remote network access or physical access to an unattended machine.

turn off remote access in the first place and do not let anyone remotely access your computer, not even "Microsoft".
second: don't you lock your doors when you are out? an Alarm system and/or surveillance system may help to indentify unwanted persons...
how did you know you have been hacked??