70
25
I have forgotten the Administrator password of my Windows XP installation and locked out. Is there a way to reset it? I do have physical access to the PC.
70
25
I have forgotten the Administrator password of my Windows XP installation and locked out. Is there a way to reset it? I do have physical access to the PC.
52
You can use Offline NT password and registry editor to reset it. You also can use Ophcrack.
21
Follow these steps:
Boot from Windows PE or Windows Recovery Environment (or use any LiveCD/USB/ ANY Windows installation disk / Anything bootable that can see NTFS/Fat32/...), and run the Command Prompt.
Find the drive letter of the partition where Windows is installed. It is usually C:
(Vista and XP). It could be D:
under Windows 7 because the first partition contains Startup Repair and will be assigned with C:
. To find the drive letter, type C:
or D:
and search for the Windows folder. Note that Windows PE (RE) usually resides on drive letter X
.
Create a backup copy of sethc.exe
with this command (for later restoration):
copy c:\windows\system32\sethc.exe c:\
(replace c:
with your correct drive letter if needed)
Replace sethc.exe
with cmd.exe
:
copy /y c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe
Reboot your computer and start the Windows installation where you forgot the administrator password
After you see the login screen, press Shift five times or press on Accessibility.
Now It will open a command prompt!
Enter the following command to reset the Windows password:
net user YOURUSERNAME NEWPASSWORD
(If you don’t know your user name, just type net user
to list all available user names)
You can now log on with the new password. Now you have privileges of user SYSTEM
and you can do whatever you want with your current system (be careful)!
Advantages:
It works with all Windows versions you can find nowadays from Windows XP to 8.1, x86 or x64, and probably it will work on earlier and newer versions too.
No need to prepare anything. You can do this with any bootable media media which is in your hands at that moment. Started from MS-DOS* bootable disks and Windows installation disks to LiveCD/USB/and others.
Many other programs that change password from registry are usable, but if something goes wrong, they can damage the OS. This method is safe and can't damage anything.
Finally, it's free.
*Note: If it's MS-DOS bootable media, make sure it has NTFS driver (NTFS4DOS/Paragon NTFS or something like it).
Note: It works when accessibility options are enabled (5x shift, sticky keys), and its enabled by default.
Disabling accessibility options will partially prevent this.
Partially, because it's possible to change another files/settings and achieve the same results.
Change BIOS settings and disable booting from other devices and set BIOS password. There are some hacky methods to bypass this restriction, but it's another theme. For more security, you can lock your case (really, use a real lock) to prevent BIOS reset, especially if it's a very important computer (or if you are paranoid ;)
1I used this for the 2nd time today. Still amazed at how simple and easy this is. Wish I could upvote it again. – CoderDennis – 2014-07-15T09:23:44.383
1Nice trick. What if I have the 5x Shift shortcut disabled - is it user-specific setting or will it affect the logon screen too, thus breaking this method? – gronostaj – 2013-07-28T11:45:54.713
25x shift is enabled by default. It opens Utility Manager which allows the user to configure through the one window the following special Accessibility features : Magnifier, Narrator, and On-Screen Keyboard).You can also use Win+U to open it. – Jet – 2013-07-28T12:23:50.083
3+1 However, be so fair and mention your source if you copy&paste it. I have done this for you this time – nixda – 2013-07-28T12:54:31.970
3ALSO replacing Utilman.exe, OSK.exe, Magnifier.exe will do the same work. – Jet – 2013-09-30T14:38:24.543
1This is easy & clean. Worked with Windows Vista – user – 2013-12-01T06:46:01.030
@Jet How do I trigger Utilman.exe, OSK.exe and Magnifier.exe through keyboard shortcut in Windows Logon screen? – Boris_yo – 2014-03-14T10:37:22.137
@Boris_yo press Win+U and sethc will appear, then turn on magnifier or OSK... – Jet – 2014-03-17T12:59:28.527
5
Let me give my 2 cents on this question. I personally would use using KON-BOOT , it bypasses all windows password checking, so you can boot to windows and change the password. Its like a live cd that boot prior to windows and tricks it when asked for the password.
Great tool for hacking your own box (you can only change the pass, you can't see the old one)
From the site:
Kon-Boot is an prototype piece of software which allows to change contents of a linux kernel (and now Windows kernel also!!!) on the fly (while booting).
In the current compilation state it allows to log into a linux system as 'root' user without typing the correct password or to elevate privileges from current user to root. For Windows systems it allows to enter any password protected profile without any knowledge of the password.
It was acctually started as silly project of mine, which was born from my never-ending memory problems :) Secondly it was mainly created for Ubuntu, later i have made few add-ons to cover some other linux distributions.
Finally, please consider this is my first linux project so far :)
Entire Kon-Boot was written in pure x86 assembly, using old grandpa-geezer TASM 4.0.
5KON boot is not open source. It does a very sophisticate hack to avoid reseting the psw, and because of this, I can't trust it doesn't do any other things, malicious or not. Some people says it doesn't, but who knows. Also the free version doesn't work with x64. – Mister Smith – 2011-10-05T14:38:48.323
3
This is very easy to do, but rather than explain it all here, ive found two articles that show you exactly how to do it.
This is the easiest method, but for this you need to have the Windows Setup DVD that came with you computer, if not go to the second link.
http://www.online-tech-tips.com/windows-7/forgot-lost-administrator-password-windows-7/
If you dont have the setup DVDs, then follow this link to fix it. This method requires a bit more work though, but is just as effective.
http://www.online-tech-tips.com/computer-tips/forgot-your-windows-password-how-to-recover-your-lost-password-try-login-recovery/
2
Assuming you can log on, I have read that running explorer using the at scheduler in the command prompt gives you admin rights, I haven't tried it though :)
1Yes, and works only on WinXP SP2. As I remember it couldn't work on Vista and 7... – Jet – 2014-02-11T14:17:40.323
1
I had this problem in the past but I found a way to break the password.
STEPS:
Download the file from here: http://pogostick.net/~pnh/ntpasswd/
Copy all downloaded files in your removable drive (pen drive)
Open a command prompt and write this line:
h:\syslinux.exe -ma h:
(replace "h" with your removable drive like i,j,G)
Insert a pen drive in your targeted PC and boot this pen drive (legacy must be ON).
Click enter
thoughout all the steps until you get an instruction like clear password
.
After getting clear password
, complete this step and restart your system. Now it will not ask you to enter a password and the computer will start.
Using these steps, I have broken my administrator password many times; it is very efficient.
0
Right click on My Computer, select Manage. Select Users under Local Users and Groups in the tree pane, right click on the Administrator and click Set Password...
This obviously assumes that you can log in to Windows though!
10...and that you have admin rights... – Fredrik Mörk – 2009-07-16T08:29:48.440
or at least a not "limited" user... – Jet – 2014-02-11T14:21:42.733
1pogostick.net/~pnh/ntpasswd is really great and easy to use. Thanks for the tool! – Pierre Arnaud – 2010-04-14T09:18:25.780
1ntpasswd didn't work for me, I have been trying to reset password of a windows xp vhd – Kumar – 2012-09-04T18:29:35.043
4
What the hell are you talking about? Many bootable CDs include Offline NT Password (http://pogostick.net/~pnh/ntpasswd/), which takes about 2 minutes to reset a Windows password. There are plenty of other tools as well, ERD Commander includes 'Locksmith', which has a simple interface, and takes about 10 seconds to do it. Cracking a password is a last resort, and unless the password is less than 15 chars, is close to impossible. Below that, with a decent set of rainbow tables (I have a 12GB set), you've got pretty good chances, but it's not guaranteed. Windows passwords are easy to remove.
– Dentrasi – 2009-12-05T09:14:48.4703This answer is very old, before I even knew about offline NT password & registry editor. I've updated my answer though. – John T – 2009-12-05T14:32:27.707
Yes, they can work. But as I know there is NO warranty that they will work, and NO warranty that they will not harm the system. They can crash the registry if something goes wrong... – Jet – 2013-09-30T15:09:31.900