[Geeks are Sexy] technology news

Tuesday, January 03, 2006

Forgot your Windows password? No problems : Password resetting and recovering techniques

password recoveryA lot of people think that after having lost their Windows admin password, they absolutely have to reinstall their OS. Let me tell you something: They are wrong! There are a couple of free utilities on the internet that let you get back in your system without a sweat (or almost). Some risks are associated with the procedure, but who cares? You do have to get back in right? Sometimes, applying strong password security measures to your account can have its negative side doesn't it? To help you out, at the end of this article, we linked a few articles to help you choose easy to remember, secure passwords.

As a system administrator, I've tried a couple of these utilities through the years, and my personal favorite is the Offline NT password & Registry editor. This utility is used to reset the password of any user that has a valid and local account on any NT based system: NT4, 2000, XP, Vista and 2003. If you need to reset a password stored in active directory, stop right here, this editor will not allow you to do it. Follow this marvelous guide instead
(Page won't load in IE, the author doesn't seem to like Internet explorer). You could also try to unravel the password using a brute-force hacking technique, but it could take a while.

The editor works offline. This means that you will have to shutdown your system and use the utility on a bootable media. A fully functional automatic bootdisk creator can be downloaded via the author's website (on the bottom of the page). The created disk has everything you need to start working on your inaccessible system. The bootdisk supports IDE, most SATA controller and also some SCSI controllers. You can also access the editor via the Ultimate Boot CD. UBCD is a very good product that gives you access to a lot of essential freeware tools to help you diagnostic various computer problems.


How does it work? Just follow the instructions provided by the author. They are pretty straightforward, with minimal interaction required by the user, so most default choices will get you through.

WARNING: If you have some encrypted files (EFS) saved on your system and you reset a password, all the files for that user will become unavailable. You could always recover them using an EFS recovery software like the Advanced EFS Data Recovery utility from Elcomsoft. This utility works great, but it is not free. To prevent this from happening, you can also consult this detailed article from Microsoft about Data Protection and EFS Recovery.


If you want to try your luck with something else, you may want to check Austrumi out. Austrumi is a live Linux distribution CD that allows you, amongst other things, to reset your password the same way the Offline NT password & Registry editor does. Just create a bootable CD with the provided ISO, and boot on it. When you get at the prompt, type boot: nt_pass. This will start the utility and display a menu that let you modify any user's password on the current system. NT_pass is only included in version 0.9.2, so be sure to get this distribution if you want to use this feature.

Another technique to recover your password would be to use a software that let you do some brute-force hacking on your SAM database. Please consult these other [Geeks Are Sexy] articles (here and here) to learn more about the procedure. Just remember that if you applied some good password security measures before attempting this, this technique will not work.

Speaking of password security, here are a few other ressources that you might find interesting:

How to Write Better Passwords
The Simplest Security: A Guide to Better Password
Pass the Chocolate / Safe and Simple Passwords

Add to Del.Icio.Us

If you enjoyed this post, take a few seconds of your time and subscribe to our feed! [GAS] is updated multiple times per day and is enjoyed by over 100000 unique visitors each month. You can also help us keep the blog running by donating whatever amount you can. Even $1 will make a difference.

Creative Commons License
Other [GAS] Technology articles


  • do these programs work for XP home edition or only NT?

    By Blogger Resident Weevil, at 8:57 PM  

  • "Reboot and safe mode and change password?"

    Dude, know your stuff before posting your solutions.. If a password is required to log in your system, it will ask it in safe mode also.

    By Blogger Kiltak, at 9:21 PM  

  • 1) copy cmd.exe out of system32
    2) rename as logon.scr
    3) paste it back in system32 and replace current one
    4) log off and wait for the screensaver. it will be a command prompt. use [net user]

    By Anonymous Anonymous, at 11:44 PM  

  • great articles on this site (password and hd recovery). i liked them, so i linked to them.

    thanks for the comment on my blog. but how did you find my post so quick?

    By Blogger beef_stew, at 12:08 AM  

  • I got locked out of XP and gained access with a Windows '98 boot disk and the XP CD-ROM.

    After 10 minutes I was signed on as an administrator and even better, there were no files that got lost

    There are definitely easier ways but this is good for those that are completely lazy.

    By Anonymous Will, at 11:22 AM  

  • It does work, I used it tons of time.. and 3-4 time with SP2

    here is from the author's site:

    "Tested on: NT 3.51, NT 4 (all versions and SP), Windows 2000 (all versions), Windows XP (all versions, also SP2), Windows Server 2003 (at least Enterprise)."

    And by the way, I don't edit comments, I delete them..

    By Blogger Kiltak, at 10:12 PM  

  • Oh, and for your information, it is recommended that you BLANK the password with * if the reset doesnt work.

    By Blogger Kiltak, at 10:15 PM  

  • Thanks for the tips :)

    By Anonymous Martin, at 3:53 AM  

  • I've used safe mode several times, most recently on a computer loaded with XP Pro, with several users and an administrator.

    Normal logon required a password -- which was lost. Safe mode did NOT require a password. In safe mode I was able to delete users, change passwords, assign admin and so on.

    Worked perfectly

    By Anonymous degustibus, at 12:31 PM  

  • Unfortunatly, most of the time, the Admin account has a password. Your solution only works if the admin account (or any other account with admin priviledge) has a blank password.

    By Blogger Kiltak, at 12:35 PM  

  • I use a small program named DreamPackPL, it temporarily replaces a Windows DLL named sfcfiles.dll with it's own DLL.

    It allows you to reset local passwords, add new accounts and even get on as administrator with NO password.

    There is even a utility to make a bootable CD image from your install CD with the replacement DLL already in place.

    I use it with Bart's PE
    http://www.nu2.nu/pebuilder/ which is and INVALUABLE resource.

    By Anonymous Anonymous, at 12:16 PM  

  • Will you guys please read the comment? :) Safe mode will not work if you need to get back in the admin account and its password was lost.

    People should always assign a password to their admin account. It's the secure thing to do.

    By Blogger Kiltak, at 3:22 PM  

  • Wow you are all really stuborn, as the guy said if you were ignorant enough to install Win without changing the Admin password of course Safe mode will work... but if you did change it this will not be the case. I mean come on ppl haven't you ever gone to a store press power button...restart...safe mode and admin...then delete the store user...and voila' Now only you have access to that Win box... try it some day

    By Blogger aBe, at 8:23 PM  

  • As was recommended by my friend "Anonymous" in the previous post, I removed all the "clueless users" comments. Please check your facts before posting.

    By Blogger Kiltak, at 9:23 AM  

  • "press power button...restart...safe mode and [log in as administrator]...then delete the store user"

    Well yeah, but if you're gonna assume the administrator password is blank (which is OT), there's a yet easier way.

    Choose "Log Out" to get to the pretty login screen with the icons for the normal users, and then hit CTRL-ALT-DELETE twice and you'll now be at the old standard login box where you can type the username and password. So just type in Administrator and press enter.

    This often can be used to fix neighbors' computers too...

    By Anonymous Brian Layman, at 1:46 AM  

  • as for the illiterates, they bother me, but they also tend to mess up and provide us who know what were doing with good money to fix monstrousley easy problems, such as a lost password. Also i tend to regard the "re-boot and safe mode-ers as semi clueless people"...but agreeing with kiltak, WHY WOULDNT YOU SET AN ADMIN PASS????

    thats jsut completely stupid, as to the comment about using the 98 boot cd i had tried that and i couldnt get it to work, but then again i didnt have the xp cd also, so that might ahve been it.

    there are many ways of doing this trick, my favorites are hope that they dont have an admin pass, and if so then the screensaver method is by far the easiest :)

    have fun :)

    By Blogger Yellow,, at 3:07 AM  

  • I'm surprised logon.scr isn't protected by SP2's Windows File Protection (WFP)...

    By Anonymous Brian Layman, at 8:00 PM  

  • that's all nice chat, but laptops with SafeBoot installed that have been left off the network long enough will have to be:

    1. rebuilt
    2. enabled with the help of SafeBoot tech support

    I'd say otherwise were it true, but even the mighty UBCD can't save you if SafeBoot is around.

    By Blogger John, at 3:32 PM  

  • Thanks a lot for those password security links!

    By Anonymous Anonymous, at 10:42 AM  

  • this works.....its great!can we protect this feature too or anyone can access any administrator's account through safemode....is there any method to recover bios password too??please reply....

    By Anonymous Anonymous, at 6:10 AM  

  • I recommend using a live cd called Ophcrack you get it through sourceforge, you boot to the disk and it runs a program that reads all the tables storing login passwords. The base only supports the ASCII character set but other versions offer more support. I've got it and I take it with me everywhere

    By Blogger Harold, at 12:08 AM  

  • It works. Thanks a lot!!

    By Anonymous Anonymous, at 7:12 AM  

  • Thanks for other recovery methods and password retrievers/crackers check out this blog AskTHeAdmin

    Great Blog - Great Information

    Thank You!


    By Blogger Karl L. Gechlik, at 12:35 PM  

  • Some lovely tips here, thanks.

    I have been locked out of a machine (not my fault) and was arguing with people on a forum about the logging into safe mode as admin without a password issue. I told them that it would still require a password if one is set, but they said, no no no. Anyway tried it and yes it asked for a password.

    They were clueless, to be honest so was I, the problem was we both remembered logging into safe mode as admin in the past and not entering a password. I put it down to the fact that the built in admin account had been deleted on the system after other admin accounts had been created, I thought perhaps you can log into the built in admin account in safe mode but not any subsequently created admin accounts. They tended to agree.

    Now that I've read this, yes, haha, it's obvious, the reason why I have been able to log into safe mode as admin before without a password is because there was no password!

    By the way, on my personal machines, and it looks like some of you think this is very stupid of me, (and it may well be, read the above) I tend to leave the admin password blank. Why, cuz it's only me using it, simple. I don't want to enter a password when I log on or set the admin account to log on automatically (if I did that, I wouldn't be using it, then there is a danger I'd forget it).

    I'm really loving the logon.scr trick! Never heard of that before. 3 things I'd like to know about if anyone can answer please:

    1)Can you normally configure screen saver settings as a normal user (like I say, I'm not often in as user)? You might need to turn it back on in some instances.

    2)When that command prompt comes up, what account are you, system? So you would have no probs using the "net user" command with "*"?

    3) Would the "control userpasswords2" command work?

    I've just realised all of these things can be quite easily tested by myself in about 5 mins. 5 mins is quite long though...

    By Anonymous Anonymous, at 6:04 PM  

  • Thank you, directions were easy to follow and the process worked like a charm.

    By Anonymous Anonymous, at 11:20 AM  

  • Hey,
    I'm not very good with the techinical aspects of computers, but i have lost my password and need to gain access without losing my files. I have windows XP pro and i dont have an administrator user name. Would anyone be able to explain the simplest way to reset my password and the windows login without losing all my files.

    Kind Regards

    By Anonymous Anonymous, at 1:41 AM  

Post a Comment

<< Home