Windows 7: How to SET Administrator Password???

You're talking about a 'secure password' for the Administrator's account that no one else can breach, right?

As the net user command has to be run as an administrator, to work on an admin level account, there is control on the net command . As long as the system is correctly locked down this should not cause a security issue.

The actual command is set to run without user input to allow batch action - For example It may be required to set the local admin password on a domain of thousands of systems. This is where batch scripts have to be used as not all accounts have Group policy/Security Policy templates.

To be honest it's just as likely to be used to disable or delete the accounts than to set passwords, but scripts are an essential part of a sysadmin's tool-kit

well, that makes more sense to me than anything I had thought of, but it sure is a hole in the walls of the system!! think how easy that is to break.
I don't recall XP being quite that forgiving.

I have not yet tried this, but if I go crank up from a cold start and select "Safe Mode - Command Prompt", I bet I will have zero challenge in running the script to activated Admin and change that password to whatever I [or someone nefarious] wants??

As far as I can recall the Net command and it's subset has not changed much if at all since it's inception in the windows product line - NT3.5 I believe. XP had access to the same commands

As for the safe mode workaround that was present in XP, this loophole was closed with Vista - even if you select safe mode with command prompt you are still required to provide login credentials. If you do not have administrator credentials available you will not be able to to run the Net command to work with administrator level accounts.

There are ways to circumvent the current windows security, of course, but even these can be made more difficult by hardware and bios controls such as preventing the boot from external devices.

As for the hidden administrator account it is good practice to enable this add a secure password (30+ character strong password), and then disable it again.

we have sorta crept into a broader topic, but even boot password is not going to protect if hd is lifted. I recently cracked a HD that had its own password, and I was a tad disappointed. Are passwords on HD's peculiar to just some mftrs? the one I reference was a toshiba laptop drive, branded by toshiba.. .not sure the origin of the firmware.
It fell to Paragon B&R

The problem of data security is one that depends on the value of the data concerned. In areas where data is hyper-critical it is not unusual for the drive to be lifted at the end of the working day - and stored in a secure fireproof location. Physical security taking over where software leaves off.

In the good old days this was a case of a floppy or Zip drive which was the o9nly place mission critical data was stored and even the temp files were deep erased at the end of each day.

There are also various military strength encryption systems for current drives which are, although not un-breakable, beyond the tools available to the normal user.

The lock systems provided by drive manufacturers are more to dissuade the casual thief than the professional data miner, the problem with OEM security is that it tends to be friarly simple and also made available to too many people by default.

That's a good point, but I'm wondering if the massive move to virtualized devices is a response to the failure of other measures? All server farms that I know of today are virtualized by one means or another. if a "server" is compromised, it merely dissipates to the bit-bucket. no material harm done. No forensic trail at least on the premises.

But if I follow you, ultimately this is the best for now: make a removable device bootable and storable, run everything that matters on that device, encrypt the device on a platform other than the one the work was done-on, and remove from the physical premises.

There is an quality article here. I think it must be read: Create Administrator Account and Password on Windows 7