SOLVED

Why wasn't Microsoft still serious about Windows 10 security or social hacking?

%3CLINGO-SUB%20id%3D%22lingo-sub-997852%22%20slang%3D%22en-US%22%3EWhy%20wasn't%20Microsoft%20still%20serious%20about%20Windows%2010%20security%20or%20social%20hacking%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-997852%22%20slang%3D%22en-US%22%3E%3CP%3EI%20know%20there%20is%20a%20command%20on%20Windows%2010%20that%20can%20obtain%20the%20password%20of%20the%20specified%20wifi%20SSID%20like%20this%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-markup%22%3E%3CCODE%3Enetsh%20wlan%20show%20profiles%3C%2FCODE%3E%3C%2FPRE%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ENow%20say%20I%20am%20an%20administrator%20of%20a%20computer%20and%20home%20network.%20My%20computer%20is%20logged%20in%20with%20my%20username.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ENow%2C%20all%20a%20person%20has%20to%20do%20is%20sit%20on%20my%20chair%20and%20right-click%20on%20Command%20Prompt%20and%20choose%20Run%20as%20administrator.%20Execute%20the%20above%20command.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EDidn't%20Microsoft%20think%20about%20the%20repercussion%20of%20doing%20this%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EOn%20the%20Linux%20machine%2C%20if%20you%20want%20to%20access%20sensitive%20information%20like%20these%20your%20username%20and%20password%20are%20not%20enough.%20You%20have%20to%20enter%20su%20or%20superuser%20password.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EMy%20question%20is%3A%20after%20Windows%20XP%20which%20had%20several%20vulnerable%20ports%20wide%20open%20why%20wasn't%20Microsoft%20become%20more%20careful%20for%20Windows%2010%20about%20security%20or%20social%20hacking%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-997852%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3Esecurity%20intrusion%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Esocial%20hacking%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3Ewindows%2010%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-998176%22%20slang%3D%22en-US%22%3ERe%3A%20Why%20wasn't%20Microsoft%20still%20serious%20about%20Windows%2010%20security%20or%20social%20hacking%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-998176%22%20slang%3D%22en-US%22%3EHi%2C%3CBR%20%2F%3EI%20think%20there%20has%20been%20a%20misunderstanding%20there.%3CBR%20%2F%3E%3CBR%20%2F%3ELinux%20needs%20%22SU%22%20command%2C%20yes%2C%20because%20it%20is%20used%20to%20switch%20from%20normal%20user%20to%20Root%20user%20(the%20equivalent%20of%20Administrator%20on%20Windows).%3CBR%20%2F%3Eif%20you%20use%20the%20Linux%20as%20Root%20user%2C%20you%20won't%20need%20%22SU%22%20command%20anymore%20and%20accessing%20sensitive%20information%20on%20your%20Linux%20won't%20ask%20you%20for%20any%20passwords.%3CBR%20%2F%3E%3CBR%20%2F%3Eit's%20the%20same%20on%20Windows.%20if%20you%20log%20in%20as%20a%20normal%20user%2C%20you%20WILL%20be%20asked%20for%20Administrator%20(the%20equivalent%20of%20root%20in%20Linux%20that%20needs%20SU%20command).%20but%20if%20you%20are%20logged%20in%20as%20Administrator%20in%20the%20first%20place%2C%20you%20won't%20be%20asked%20for%20Administrator%20password%20again.%3CBR%20%2F%3E%3CBR%20%2F%3ELinux%20and%20Windows%20work%20the%20same%20way%20in%20this%20case.%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1000281%22%20slang%3D%22en-US%22%3ERe%3A%20Why%20wasn't%20Microsoft%20still%20serious%20about%20Windows%2010%20security%20or%20social%20hacking%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1000281%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F310193%22%20target%3D%22_blank%22%3E%40HotCakeX%3C%2FA%3E%26nbsp%3B%20I%20have%20a%20question%20though.%20Can%20I%20make%20a%20local%20user%20account%20along%20with%20an%20administrative%20account%20at%20the%20configuration%20time%20of%20windows%2010%20when%20I%20boot%20the%20computer%20for%20the%20first%20time%3F%20Or%20do%20I%20have%20to%20do%20it%20later%20when%20the%20configuration%20is%20done%20and%20windows%20is%20loaded%20on%20the%20computer%20with%20an%20administrative%20account%3F%20Because%20on%20Linux%20you%20have%20to%20create%20a%20local%20user%20account%20and%20superuser%20account%20during%20the%20Linux%20OS%20installation%20time.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1000346%22%20slang%3D%22en-US%22%3ERe%3A%20Why%20wasn't%20Microsoft%20still%20serious%20about%20Windows%2010%20security%20or%20social%20hacking%3F%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1000346%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F413290%22%20target%3D%22_blank%22%3E%40Adrian1595%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIt's%20not%20possible%20to%20create%202%20accounts%20during%20the%20first%20time%20Windows%20setup.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHowever%20It's%20possible%20to%20create%20a%20non-administrator%20account%20during%20the%20first%20time%20Windows%20setup.%20it%20will%20be%20from%20AAD%20(Azure%20Active%20Directory)%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevices%2Fazuread-joined-devices-frx%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fazure%2Factive-directory%2Fdevices%2Fazuread-joined-devices-frx%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EIf%20interested%3A%3C%2FP%3E%3CDIV%20class%3D%22lia-spoiler-container%22%3E%3CA%20class%3D%22lia-spoiler-link%22%20href%3D%22%23%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%20target%3D%22_blank%22%3ESpoiler%3C%2FA%3E%3CNOSCRIPT%3E(Highlight%20to%20read)%3C%2FNOSCRIPT%3E%3CDIV%20class%3D%22lia-spoiler-border%22%3E%3CDIV%20class%3D%22lia-spoiler-content%22%3E%3CA%20href%3D%22https%3A%2F%2Fproducts.office.com%2Fen-us%2Fcompare-all-microsoft-office-products%3FSilentAuth%3D1%26amp%3Bactivetab%3Dtab%3Aprimaryr2%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fproducts.office.com%2Fen-us%2Fcompare-all-microsoft-office-products%3FSilentAuth%3D1%26amp%3Bactivetab%3Dtab%3Aprimaryr2%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fbusiness%2Fcompare-more-office-365-for-business-plans%3FSilentAuth%3D1%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fbusiness%2Fcompare-more-office-365-for-business-plans%3FSilentAuth%3D1%3C%2FA%3E%3CBR%20%2F%3E%3CBR%20%2F%3E%3CA%20href%3D%22https%3A%2F%2Flazyadmin.nl%2Fit%2Foffice-365-comparison-chart-business-plans-vs-f1-e1-e3-and-e5%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Flazyadmin.nl%2Fit%2Foffice-365-comparison-chart-business-plans-vs-f1-e1-e3-and-e5%2F%3C%2FA%3E%3C%2FDIV%3E%3CNOSCRIPT%3E%3CDIV%20class%3D%22lia-spoiler-noscript-container%22%3E%3CDIV%20class%3D%22lia-spoiler-noscript-content%22%3E%3CA%20href%3D%22https%3A%2F%2Fproducts.office.com%2Fen-us%2Fcompare-all-microsoft-office-products%3FSilentAuth%3D1%26amp%3Bactivetab%3Dtab%3Aprimaryr2https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fbusiness%2Fcompare-more-office-365-for-business-plans%3FSilentAuth%3D1https%3A%2F%2Flazyadmin.nl%2Fit%2Foffice-365-comparison-chart-business-plans-vs-f1-e1-e3-and-e5%2F%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fproducts.office.com%2Fen-us%2Fcompare-all-microsoft-office-products%3FSilentAuth%3D1%26amp%3Bactivetab%3Dtab%3Aprimaryr2https%3A%2F%2Fwww.microsoft.com%2Fen-us%2Fmicrosoft-365%2Fbusiness%2Fcompare-more-office-365-for-business-plans%3FSilentAuth%3D1https%3A%2F%2Flazyadmin.nl%2Fit%2Foffice-365-comparison-chart-business-plans-vs-f1-e1-e3-and-e5%2F%3C%2FA%3E%3C%2FDIV%3E%3C%2FDIV%3E%3C%2FNOSCRIPT%3E%3C%2FDIV%3E%3C%2FDIV%3E%3CP%3E%3CBR%20%2F%3EIt's%20Also%20possible%20to%20do%20it%20if%20you%20are%20trying%20to%20deploy%20Windows%2010%20on%20lots%20of%20machines%2C%20so%20you%20will%20create%20a%20Windows%2010%20installation%20image%20that%20is%20pre-configured%20with%20user%20accounts%20and%20settings%20(usually%20configured%20to%20be%20used%20in%20a%20company's%20environment).%3C%2FP%3E%3CP%3E%3CBR%20%2F%3Ebut%20if%20it's%20a%20personal%20PC%20and%20you're%20installing%20an%20original%20Windows%2010%20image%2C%20then%20it%20won't%20be%20possible%2C%20have%20to%20be%20done%20right%20after%20you%20finish%20installation.%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Contributor

I know there is a command on Windows 10 that can obtain the password of the specified wifi SSID like this:

 

netsh wlan show profiles

 

Now say I am an administrator of a computer and home network. My computer is logged in with my username. 

 

Now, all a person has to do is sit on my chair and right-click on Command Prompt and choose Run as administrator. Execute the above command.

 

Didn't Microsoft think about the repercussion of doing this?

 

On the Linux machine, if you want to access sensitive information like these your username and password are not enough. You have to enter su or superuser password.

 

My question is: after Windows XP which had several vulnerable ports wide open why wasn't Microsoft become more careful for Windows 10 about security or social hacking?

3 Replies
Highlighted
Best Response confirmed by Adrian1595 (Contributor)
Solution
Hi,
I think there has been a misunderstanding there.

Linux needs "SU" command, yes, because it is used to switch from normal user to Root user (the equivalent of Administrator on Windows).
if you use the Linux as Root user, you won't need "SU" command anymore and accessing sensitive information on your Linux won't ask you for any passwords.

it's the same on Windows. if you log in as a normal user, you WILL be asked for Administrator (the equivalent of root in Linux that needs SU command). but if you are logged in as Administrator in the first place, you won't be asked for Administrator password again.

Linux and Windows work the same way in this case.
Highlighted

@HotCakeX  I have a question though. Can I make a local user account along with an administrative account at the configuration time of windows 10 when I boot the computer for the first time? Or do I have to do it later when the configuration is done and windows is loaded on the computer with an administrative account? Because on Linux you have to create a local user account and superuser account during the Linux OS installation time.

Highlighted

@Adrian1595 

 

It's not possible to create 2 accounts during the first time Windows setup.

 

However It's possible to create a non-administrator account during the first time Windows setup. it will be from AAD (Azure Active Directory)
https://docs.microsoft.com/en-us/azure/active-directory/devices/azuread-joined-devices-frx

 

If interested:

Spoiler


It's Also possible to do it if you are trying to deploy Windows 10 on lots of machines, so you will create a Windows 10 installation image that is pre-configured with user accounts and settings (usually configured to be used in a company's environment).


but if it's a personal PC and you're installing an original Windows 10 image, then it won't be possible, have to be done right after you finish installation.