Technology in terms you understand. Sign up for the Confident Computing newsletter for weekly solutions to make your life easier. Click here and get The Ask Leo! Guide to Staying Safe on the Internet — FREE Edition as my thank you for subscribing!

How do I determine, not reset, the Windows administrator password?

Question:

How do I get the administrative password on Windows 7? I don’t want to reset
it; I just want to learn how to know the password

In this excerpt from
Answercast #91
I look at the (fortunate) impossibility of determining an
encrypted password, and the possibility of resetting it.

]]>

Determine administrator password

Well, the short answer is that you can’t. The password is encrypted.

Trying to extract and understand what the password is currently set to requires defeating the encryption. That’s why all of the responses I have to people who have actually lost their administrator password (or somehow lost the ability to login to their Windows machine) actually involves using a tool that resets the Windows password to something that you know.

If you are actually facing a problem in trying to access a machine, and you don’t know the password, you have to reset it to a password that you know.

Password resetting tools

Now, there are tools, one in particular called Ophcrack. I don’t recommend it but it’s important that you know it exists.

What it boils down to is: if you’ve chosen a poor password, it may be able to determine what that password is. The way it does that is by trying pretty much all possible passwords or at least all possible somewhat-common passwords.

We’re talking thousands, and thousands, and thousands of passwords- perhaps even millions of passwords that its able to try. It does take some time to do that!

Can’t crack a good password

I will tell you that I tried the program some time ago just to see if it could crack my password – and my password, while it’s not great… it’s good. And it was unable to crack my password.

That’s the tool that hackers typically will point at to say, “You know what? If you want to get into a machine, if you want to discover a password, that’s the tool to use.”

I use that as an example because even that tool will fail if you choose an appropriately complex and non-obvious password. So make sure you’re doing that, in general, when you’re setting up passwords.

If that’s the kind of password that’s on a machine then I know of no way to determine what the password is; only how to reset it to something specific.

(Transcript lightly edited for readability.)

Do this

Subscribe to Confident Computing! Less frustration and more confidence, solutions, answers, and tips in your inbox every week.

I'll see you there!

6 comments on “How do I determine, not reset, the Windows administrator password?”

  1. I’ve used a Linux program that just replaces the password with a bland one. I used Ophcrack once and while it worked it took a couple of days to break the password. I’m just too impatient to wait that wrong.
    I never had any problem logging into any of the systems that I hacked that way EXCEPT, and this is an important exception, when the computer had been on an active domain. In that case the Linux method does not work, at least in my experience.

    Reply
  2. I personally think that the most common reason someone would want to determine the account password without resetting it, would be to crack into someone else’s account. Otherwise, resetting should be a workable solution.

    Reply
  3. Resetting is the way to go. If the user forgot the password the 1st time, they will probably do forget it again.

    Use HBCD to reset it

    Reply
  4. I thought Ask Leo ignored these questions about cracking passwords. A password reset will make any encrypted file unreadable, i heard it somewhere, maybe here, years ago.

    I don’t think a password change will affect BitLocker encryption, but I could be wrong. I know that an account *loss* will render the encrypted data unrecoverable. That’s why I strongly dislike BitLocker and Windows built-in encryption, in favor of technologies like TrueCrypt.

    Leo
    30-Jan-2013

    Reply
  5. As Mark J mentioned, this questioner must have an underhanded motive. My guess is a teenager wanting to bypass their parents’ rules and restrictions.

    Reply

Leave a reply:

Before commenting please:

  • Read the article.
  • Comment on the article.
  • No personal information.
  • No spam.

Comments violating those rules will be removed. Comments that don't add value will be removed, including off-topic or content-free comments, or comments that look even a little bit like spam. All comments containing links and certain keywords will be moderated before publication.

I want comments to be valuable for everyone, including those who come later and take the time to read.