What should you do when you forgot the password to login to Windows system? Ask an administrator to reset the log on password for you. If you yourself are administrator, and you can’t remember the administrator password, the problem get a little tricky, and probably hard to recover the ‘forgotten password’ again. Before you search for recovery CD or Windows DVD to format and reinstall Windows onto the computer, here a few ways you can try to unlock the Windows to gain access to the system again, at least by resetting the password.
Method 1: Take a rest, and try hard to remember the forgotten password
Sometimes, human being is a little weird. You won’t get the thing that you urgently need. So have a coffee, take a snap or even come back after a few days, you may found that you suddenly ‘remember’ your Windows password.
Method 2: Try No Password Administrator Login Backdoor
Basically, at Windows XP Welcom Screen, simply press Ctrl-Alt-Del keys sequence together twice, and you will be shown a Log On to Windows menu which you can specify User Name and Password. In the User Name text box, key in “Administrator” (without quote) and leave the Password field blank. Then press Enter or click on OK. If there is not password protects the Administrator account, or blank password is set, then you will be able to access the Windows with full administrative privileges as Administrator.
Method 3: Reset password from another user account with administrator credentials
If you cannot log on to Windows by using a particular user account, but you can log on to another account that has administrative credentials, follow these steps on how to do the trick:
1. Log on to Windows by using an administrator account that has a password that you remember. You may need to start WinXP in safe mode.
2. Click Start, and then click Run.
3. In the Open box, type “control userpasswords2″, and then click OK.
4. Click the user account that you forgot the password for, and then click Reset Password.
5. Type a new password in both the New password and the Confirm new password boxes, and then click OK.
Method 4: Do-It-Yourself (DIY) third party recovery tool
There are a lot of tools and utilities that can be downloaded and used to recover, reset, retrieve or reveal existing password. These password reset or retrieval utilities, free or paid, are usually a Linux boot disk or CD that able to comes with NT file system (NTFS) drivers and software that will read the registry and rewrite the password hashes, or can brute force crack the password for any user account including the Administrators. The advantage is that there is no fear of leaking your password to outsiders, while the process requires physical access to the console and a floppy or CD drive, depending on which tool you choose. And it’s not easy, although it always work!
Offline NT Password & Registry Editor – Available as bootdisk or bootable CD, Offline NT Password and Registry Editor works to change or reset password of any users on Windows NT 3.51, NT 4, Windows 2000, Windows XP, Windows Server 2003, Windows Vista 32 and 64 bit. It can also detect and offer to unlock locked or disabled user accounts.
cd080802.zip (~3MB) – Bootable CD image and can be used to make bootable USB drive.
bd080526.zip (~1.1MB) – Bootdisk image for floppy disk
drivers1-080526.zip (~310K) – Disk drivers (mostly PATA/SATA).
drivers2-080526.zip – Disk drivers (mostly SCSI).
John the Ripper password cracker – John the Ripper is a fast password cracker based on dictionary attack with a wordlist currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.
John the Ripper 220.127.116.11 for Windows
EBCD – Emergency Boot CD – EBCD is a bootable CD, intended for system recovery in the case of software or hardware faults. It is able to create backup copies of normally working system and restore system to saved state. It contains the best system software ever created, properly compiled and configured for the maximum efficient use. Features are such as copy files from unbootable volume, recover master boot record of HDD, recover deleted file, recover data from accidently formatted disk and floppy disk. EBCD also includes function to change password of any user, including administrator of Windows NT/2000/XP OS without the need to know the old password.
Both contains necessary NT password recovery feature.
Ophcrack – Windows password cracker using time-memory trade-off on LM and NTLM hashes based on rainbow tables and supports Windows Vista, XP, 2003 and NT. This tool allows you to retrieve existing password.
RainbowCrack – Crack Windows password using time-memory trade-off cryptanalysis based on rainbow tables. Unless you already has dumped the hash for your Windows password, else this utility is for hacker as it provides no way to retrieve the password hashes when you unable to access to your computer.
L0phtCrack (LC5) – L0phtCrack (now known as LC5) is a password auditing and recovery application by using dictionary, brute-force, and hybrid attacks. originally produced by Mudge from L0pht Heavy Industries, and was produced by @stake after the L0pht merged with @stake in 2000. Support and sales has been discontinued by Symantec from end of 2006, after it acquered @stake in 2004. So you probably need a crack that lists below. If you unable to sign on to your computer, you probably can’t use this.
Cain & Abel – Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kind of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weakness present in protocol’s standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some “non standard” utilities for Microsoft Windows users.
This tool needs to be installed, so you must have another working computer to recover your password remotely. Thus it’s likely to be useful for system administrator only. Supports Windows Vista.
PCLoginNow – Bootable live CD with tool to reset local administrator and other user accounts passwords or change security settings on Windows system.
Method 5: Third party password recovery service
Login Recovery – Login Recovery is a service to reveal user names and recover passwords for Windows NT, 2000, XP, 2003 and Vista. Free service is available by waiting up to 48 hours and only one free request every three months. For privacy matter people, there may be some uncomfortability as service provider actually ‘know’ your password before sending it back to you.
Method 6: Bypass Windows log on password with DreamPackPL
DreamPackPL allows users to skip or bypass Windows login security in Windows XP or Windows 2000, and log on to a password protected Windows user account without a valid password or the need to change the existing password.
Warning: If you change or reset password by using any method above, all EFS encrypted files in Windows Vista or Windows XP will be unreadable and no longer recoverable unless you remember the old password that used to encrypt the files. So if you have any encrypted files, it’s best that you try to crack the password first in order to retrieve and get back the existing password first, before you attempt to reset the password to a new one.