Helping people with computers... one answer at a time.
It's simple to recover an XP password using an available utility, but the security ramifications of this need to be explored.
Hello, I'm wondering how to recover my lost password on my Windows XP. I do not have the administrator password. I only have the guest account and I have no administrator privileges. I would like to know what to do in my situation.
In this excerpt from Answercast #7, I show how easy it is to recover full administrative access to an XP machine and then go on to discuss the security issues implied with this.
It's actually very simple; there's an article on my site called "I've lost the password to my Windows administrator account. How do I get it back?" I suggest you go read that article, which will have you download a piece of software, burn it to a CD, and boot from it.
That utility will allow you to set a new Windows administrator password and from that, log into the machine and change all of the other passwords you want.
I mentioned this article here and I take this question again because it's a common question; but it also points out something that I think people really need to get their heads around and that is this - this is possible!
It is possible to get logged into a Windows machine without knowing its password if you have physical access to the machine.
The ability to boot from a CD with a third-party tool on it basically means that anybody who could walk up to your machine and do that can gain access to your machine. The only way to prevent this, that I'm aware of, is to either use full disc encryption (that requires a password before you can boot) or use a BIOS password that requires a password before you can boot. Both of those scenarios prevent a third tool either from booting or being able to access the unencrypted information on the hard disc.
Most people don't use those tools because they are an inconvenience.
I admit I don't use either of those tools. So the bottom line here is that people need to realize that physical security is the next level of defense. If you're in that situation, and somebody can walk up to your machine and reboot from a third-party CD, they could easily, trivially, get access to your machine.
I strongly suggest that, if you have concerns, you go read through that
article and see just how easy it really is.
Comments on this entry are closed.
If you have a question, start by using the search box up at the top of the page - there's a very good chance that your question has already been answered on Ask Leo!.
If you don't find your answer, head out to http://askleo.com/ask to ask your question.