Helping people with computers... one answer at a time.

It's simple to recover an XP password using an available utility, but the security ramifications of this need to be explored.

Hello, I'm wondering how to recover my lost password on my Windows XP. I do not have the administrator password. I only have the guest account and I have no administrator privileges. I would like to know what to do in my situation.

In this excerpt from Answercast #7, I show how easy it is to recover full administrative access to an XP machine and then go on to discuss the security issues implied with this.

Gain access to XP Machine

It's actually very simple; there's an article on my site called "I've lost the password to my Windows administrator account. How do I get it back?" I suggest you go read that article, which will have you download a piece of software, burn it to a CD, and boot from it.

That utility will allow you to set a new Windows administrator password and from that, log into the machine and change all of the other passwords you want.

Is your computer physically secure?

I mentioned this article here and I take this question again because it's a common question; but it also points out something that I think people really need to get their heads around and that is this - this is possible!

It is possible to get logged into a Windows machine without knowing its password if you have physical access to the machine.

The ability to boot from a CD with a third-party tool on it basically means that anybody who could walk up to your machine and do that can gain access to your machine. The only way to prevent this, that I'm aware of, is to either use full disc encryption (that requires a password before you can boot) or use a BIOS password that requires a password before you can boot. Both of those scenarios prevent a third tool either from booting or being able to access the unencrypted information on the hard disc.

Most people don't use those tools because they are an inconvenience.

I admit I don't use either of those tools. So the bottom line here is that people need to realize that physical security is the next level of defense. If you're in that situation, and somebody can walk up to your machine and reboot from a third-party CD, they could easily, trivially, get access to your machine.

I strongly suggest that, if you have concerns, you go read through that article and see just how easy it really is.

Next - How do I get my cursor larger so I can see it?

Article C5185 - April 9, 2012 « »

Share this article with your friends:

Share this article on Facebook Tweet this article Email a link to this article
Leo Leo A. Notenboom has been playing with computers since he was required to take a programming class in 1976. An 18 year career as a programmer at Microsoft soon followed. After "retiring" in 2001, Leo started Ask Leo! in 2003 as a place for answers to common computer and technical questions. More about Leo.

Not what you needed?

2 Comments
Neldon
April 10, 2012 10:00 PM

Leo: Try this
control userpasswords2
If you dont have access to the computer because of password then Go to Safe mode, Normaly by tapping F8 during boot up.
When you reach safemode click Start, Run, type in the following as two words, control userpasswords2
then click OK.
Up pops a box that offers you the option of entering the pass word or changing the password. Click, reset password, put in what you want as a password an your good to go.
You dont need the password to change it.
If your already on the computer then you can do this without safe mode.
Best $5 i ever spent was for a computer that no one could get into because of lost password.
You dont need no disk or a program.

lagare
April 13, 2012 1:23 AM

I always refer to google search, such as:

Recover Lost Windows XP Password
Forgot XP Password
......

Comments on this entry are closed.

If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.

If you don't find your answer, head out to http://askleo.com/ask to ask your question.