|
Home »
Windows
» Windows User Interface
Summary: It turns out that resetting an Windows account password is frighteningly easy, as long as you have access to the machine.
Do you have physical access to the machine? Good. You can reset any Windows password on that machine that you like. And if that doesn't scare you, I really need to drive home a point. • First let's walk through what you need to do. The screen shots below are from my Windows Vista machine, but Windows XP and NT are also supported. Obligatory caveat - this utility has been around for a while, and has a good reputation. However, as with any third party software that's going to operate on sensitive system areas, you are always at risk. Make sure you have a good backup of your machine prior to performing these operations. And of course use of utilities of this nature are entirely at your own risk. "If it's not physically secure, it's not
secure."
First, download and burn to CD the Offline NT Password and Registry Editor. This is actually a highly customized version of Linux, that's designed to do exactly what the name implies: allow you to examine and edit the password information and registry of a Windows machine. Boot from that CD you just burned. You'll end up with something like this on your screen:
Don't let all the stark plain text worry you, the process for what we're doing is actually pretty simple. Here's the relevant portion of that screen, enlarged:
You can see that the utility has found multiple disks and/or partitions, and is asking which one I want to work on. In my case I know that the partition listed as the larger 1 (74207MB) is my Windows drive, so I enter 2 to select it and press Enter. Next:
After selecting the disk we want to use, the utility now asks us for the location of the registry. The utility has correctly guessed the location, Windows/system32/config, so all I need to is press Enter to move on. Next it asks more specifically what it is we want to operate on:
In this case the default answer Password reset, which indicates which portions of the system are to be worked on, is the correct one so all I need to do is press Enter. Now it asks what we want to do:
We're here specifically to operate on passwords, so once again the default answer of 1 is correct, and I simply press Enter. Now things get interesting.
You can see here that the utility has listed all the user accounts on my machine: Administrator, Guest, and the account I actually login with, "LeoN". It's asking which user account to operate on, and supplied "Administrator" as the default, so once again I press Enter, and we get to the reason we're here:
Now, obviously there are several choices here. My preference is to clear the password so that no password would be required to login, and of course make sure that the account is enabled. Once done, you can then login to the account in Windows and select a new password. Use the "Quit" options and further prompts to save data to disk, exit the utility and reboot back into Windows. Now, naturally, this has only been an overview of one type of operation. I recommend you familiarize yourself with the utility prior to using it, and review the documentation and FAQ on the web site. • So that was pretty simple, right? OK, maybe a little scary if you've never done something like that before, but you can see that it's pretty darned easy. Reboot from CD, press enter (in most cases) a few times, and *poof* ... the administrator account password is reset and you have access once again. So easy anyone could do it. Anyone. This is where you should be concerned. Anyone with physical access to your machine can do what I've just described. If you're in a position where folks with a motive or other random strangers can access your machine, you may want to rethink your physical security. If it's not physically secure, it's not secure. The ability to walk up with a CD, and "own" the machine with a reboot and a few keystrokes hopefully makes that pretty clear. Related: • Recent Comments
Another good solution is to download Ophcrack. This is a self running bootable that actually cracks the password and hands it to you. All within 15 minutes. Everyone should put this in their toolkit - and practice a bit. As the one gentleman said, bios passwords are pretty easy to get around. Some laptops will have to go back to the factory though, and you'll be charged a 100.00 or so. Staying away from bios passwords, is a good idea. why not "run" control userpasswords2??? Try anything you like but, the moral is that man makes it and man can break it (password,code,etc)Lucky for me I was raised B4 computers and still know how to use a pencil and paper.I started with computers (work) back in the DOS days and there has always, and will always be a way to get your so called "secure" info.I NEVER put anything on a computer unless I am willing to let the world see it,this has served me well. Those are my thoughts.........thanks. Man......You're a GENIUS! Your articles are very useful to me. I am a Non computer science student but your articles are making me...!. I found many solutions to my usual problems. "Good Bye to customer care services with ASK LEO! by Leo Notenboom!"........... I received a free computer from a Church. Windows XP Pro was requesting an admin password that neither I nor they knew. After several weeks of unsuccessful attempts, I used Offline NT Password and Registry Editor. Within 30 minutes, I had reset the password to BLANK and was able to access Windows. I had tried everything possible and nothing worked until I used this. Posted by: Danielle at June 1, 2008 08:51 PMFor desktop computer it might be easy to unlock the casing and reset bios but are they that easy for laptops too. I guess a friend of mine told me every bios has a backdoor password but i am not clear about this......... Thanks for another great article, Leo. This password tool is the first one i've tried that actually works! Posted by: Anth at July 22, 2008 05:10 PMlol! i have a Toshiba laptop i turn it on and is asking of a bios password i did not set how can i reset this bios i set on my Posted by: oduro at July 28, 2008 10:11 AMHi Leo, your the expert I know, but I have found a site online to reset the admin password as long as one has access to another acct, and as long as the acct. is specified as an admin acct. It just seems a whole lot easier and less invasive: "http://tweakxp.com/article37368.aspx" I've used this method and it works great. Works for other accts. as well. Does the method you advise here benefit those who have lost all access to all acct(s), or is there perhaps a negative with resetting the password via this (tweakxp) method. I do know it negates the user's settings when the password is changed this way. Thanks Leo, btw..great site!!! What your method amounts to is "I can reset the admin pasword as long as I have admin access". Of course that's going to be easier. The problem that most people face is that they do not have admin access in any form, at which point more drastic measures are called for. -Leo Posted by: PJ Theis at August 17, 2008 02:30 PM Post a comment on "I've lost the password to my Windows Administrator account, how do I get it back?":
|
Archives Advertisers |
|
