bakalao2k
join:2001-03-20
Chicago, IL
| Reset Windows XP password
I Forgot My Administrator Password!
by Vic Ferri
Can't Log On to Windows XP?
If that’s your only problem, then you probably have nothing to worry about. As long as you have your Windows XP CD, you can get back into your system using a simple but effective method made possible by a little known access hole in Windows XP.
This method is easy enough for newbies to follow – it doesn’t require using the Recovery Console or any complicated commands. And it’s free - I mention that because you can pay two hundred dollars for an emergency download of Winternals ERD with Locksmith which is a utility for unlocking lost Windows passwords. See here »www.winternals.com/products/repa···mith.asp
ERD is an excellent multi purpose product, but you should know it is not a necessary one if you have a healthy system and your sole problem is the inability to logon to Windows due to a forgotten password. Not necessary because you can easily change or wipe out your Administrator password for free during a Windows XP Repair. Here’s how with a step-by-step description of the initial Repair process included for newbie’s.
1. Place your Windows XP CD in your cd-rom and start your computer (it’s assumed here that your XP CD is bootable – as it should be - and that you have your bios set to boot from CD)
2. Keep your eye on the screen messages for booting to your cd Typically, it will be “Press any key to boot from cd”
3. Once you get in, the first screen will indicate that Setup is inspecting your system and loading files.
4. When you get to the Welcome to Setup screen, press ENTER to Setup Windows now
5. The Licensing Agreement comes next - Press F8 to accept it.
6. The next screen is the Setup screen which gives you the option to do a Repair.
It should read something like “If one of the following Windows XP installations is damaged, Setup can try to repair it”
Use the up and down arrow keys to select your XP installation (if you only have one, it should already be selected) and press R to begin the Repair process.
7. Let the Repair run. Setup will now check your disks and then start copying files which can take several minutes.
8. Shortly after the Copying Files stage, you will be required to reboot. (this will happen automatically – you will see a progress bar stating “Your computer will reboot in 15 seconds”
9. During the reboot, do not make the mistake of “pressing any key” to boot from the CD again! Setup will resume automatically with the standard billboard screens and you will notice Installing Windows is highlighted.
10. Keep your eye on the lower left hand side of the screen and when you see the Installing Devices progress bar, press SHIFT + F10. This is the security hole! A command console will now open up giving you the potential for wide access to your system.
11. At the prompt, type NUSRMGR.CPL and press Enter. Voila! You have just gained graphical access to your User Accounts in the Control Panel.
12. Now simply pick the account you need to change and remove or change your password as you prefer. If you want to log on without having to enter your new password, you can type control userpasswords2 at the prompt and choose to log on without being asked for password. After you’ve made your changes close the windows, exit the command box and continue on with the Repair (have your Product key handy).
13. Once the Repair is done, you will be able to log on with your new password (or without a password if you chose not to use one or if you chose not to be asked for a password). Your programs and personalized settings should remain intact.
I tested the above on Windows XP Pro with and without SP1 and also used this method in a real situation where someone could not remember their password and it worked like a charm to fix the problem. This security hole allows access to more than just user accounts. You can also access the Registry and Policy Editor, for example. And its gui access with mouse control. Of course, a Product Key will be needed to continue with the Repair after making the changes, but for anyone intent on gaining access to your system, this would be no problem.
And in case you are wondering, NO, you cannot cancel install after making the changes and expect to logon with your new password.
Cancelling will just result in Setup resuming at bootup and your changes will be lost.
Ok, now that your logon problem is fixed, you should make a point to prevent it from ever happening again by creating a Password Reset Disk. This is a floppy disk you can use in the event you ever forget your log on password. It allows you to set a new password.
Here's how to create one if your computer is NOT on a domain:
Go to the Control Panel and open up User Accounts.
Choose your account (under Pick An Account to Change) and under Related Tasks, click "Prevent a forgotten password".
This will initiate a wizard.
Click Next and then insert a blank formatted floppy disk into your A: drive.
Click Next and enter your logon password in the password box.
Click Next to begin the creation of your Password disk.
Once completed, label and save the disk to a safe place
How to Log on to your PC Using Your Password Reset Disk
Start your computer and at the logon screen, click your user name and leave the password box blank or just type in anything. This will bring up a Logon Failure box and you will then see the option to use your Password Reset disk to create a new password. Click it which will initiate the Password Reset wizard. Insert your password reset disk into your floppy drive and follow the wizard which will let you choose a new password to use for your account.
Note: If your computer is part of a domain, the procedure for creating a password disk is different.
See here for step by step instructions: »support.microsoft.com/default.as···;306214&
--
"Don't hate the player, hate the game..." |
|
psloss
Premium,MVM
join:2002-02-24
Alpharetta, GA
| Interesting -- I didn't know about that hotkey/accelerator. But a quick search shows that it's also been documented:
»support.microsoft.com/default.as···;q295116
Philip Sloss
--
Feedback? e-mail: stuff@lupwa.org |
|
koma3504
Advocate
Premium
join:2004-06-22
North Richland Hills, TX
| reply to bakalao2k
So have you tried the Adminastarter Account In safe Mode that is diffrent from your Desktop Logon???
If you can go to Safe mode and login with either desktop.
you should be able to use the control userpasswords2 switch at the start and run box to reset the password.
Thanks Again
--
† Koma †If YOu Don't Think It's Possable!! It's Acually A Reality!! The best way to predict the future is to invent it. Alan Kay!!Ya Don't Know The signal Till Ya Ride It!!Voice Break's There's Trouble!! |
|
ff1324
Where did the time go?
Premium
join:2002-08-24
On Four Day
| reply to bakalao2k
Hey that password reset disk thing is pretty handy...as long as you have a floppy drive. MS ought to get with the program and allow USB and CD drives to be included in that for those of us that don't have a floppy.
--
The funny thing about firemen...night and day they're always firemen |
|
B
Premium,MVM
join:2000-10-28
| reply to bakalao2k
Many people use and recommend the freeware described here at »Microsoft Application Tips and Tweaks »I lost my password, what do I do now? , but this technique is actually preferable, since it's both free and doesn't require trusting any third party code.
Thank you!
-- B
--
In a realm outside causality and function |
|
koma3504
Advocate
Premium
join:2004-06-22
North Richland Hills, TX
| reply to ff1324
said by ff1324  :Hey that password reset disk thing is pretty handy...as long as you have a floppy drive. MS ought to get with the program and allow USB and CD drives to be included in that for those of us that don't have a floppy. Acually I just did that with a dell diminsion that did not have a floppy drive Using My Usb Floppy Drive.
All you have to do is go disable and delete the a drive it recongnizes and use floppy b the usb Works Like A charm  ;);)
Thanks Again.
--
† Koma †If YOu Don't Think It's Possable!! It's Acually A Reality!! The best way to predict the future is to invent it. Alan Kay!!Ya Don't Know The signal Till Ya Ride It!!Voice Break's There's Trouble!! |
|
Cudni
La Merma - Los De Aca
Premium,MVM
join:2003-12-20
Someshire
 ·BTOpenworld
| reply to B
It is indeed free, no third party involved, workaround but one that involves the requirement of the OS repair, when not required, with all consequences that brings. With third party mentioned in Faq that is not necessary. Still very useful to know approach though.
All of the above as told (not verbatim) to me by MSeng 
Cudni
--
....nothing but a well informed optimistHelp yourself so God can help you |
|
B
Premium,MVM
join:2000-10-28
edit:
November 17th, @08:48PM
| Yeah I was thinking about that too.
You know, the next logical step would be for some smart person to analyze this just a bit further and figure out how to trigger the Shift-F10 code from the boot CD WITHOUT having to go through with a repair/reinstall.
Edit: There's another technique that worked for quite a long time but I don't know if it still does.
-- B
--
In a realm outside causality and function |
|
AMD Phreak
Please do the needfull
Premium
join:2003-12-14 | reply to bakalao2k
EBCD works good for this as well as austrumi. |
|
SnowSurfer00
join:2003-08-03
Providence, RI | reply to bakalao2k
too bad i turned off all booting except from the harddrive and the bios is password protected from little hackers..lol but yea this is handy |
|
ZOverLord
Premium
join:2003-10-20
Minneapolis, MN
| reply to bakalao2k
Funny,
Most people FORGET to make a password for the default "ADMINISTRATOR" account.
If you happen to be one of those, it can be as simple as going into safe mode ("F8") at boot, click on the "ADMINISTRATOR account id, and enter "NUSRMGR.CPL" from the command line there as well.
Since it never shows up in your user list normally it's easy to forget to add a password, so that's also a little less stressful to use to recover, but then I would also give that account a password as well, if you left it BLANK all this time.
--
Black, Grey and White Hats Unite here -> »testing.OnlyTheRightAnswers.com |
|
rgillis70
Premium
join:2002-12-30
Herndon, VA
 ·Cox HSI
| reply to B
said by B :Edit: There's another technique that worked for quite a long time but I don't know if it still does. -- B Were you refering to a Linux boot disk? I have used that as well as a couple other recovery type boot disks (both from CD and floppy) and they work great. I have never had to runa repair-installtion to the OS to get a new password (but as stated above - it would work). |
|
Vampirefo
Premium,MVM
join:2000-12-11
Huntington, WV | reply to bakalao2k
Re: Reset Windows XP password
Interesting but takes too long, I prefer to crack the SAM using ophcrack.
I use Reatogo to make a XP livecd then add ophcrack to the cd, and let ophcrack crack SAM, takes less than 5 minutes.
--
Best RegardsVampirefo |
|
jdong
Eat A Beaver, Save A Tree.
Premium
join:2002-07-09
Rochester, MI
clubs:  
| reply to bakalao2k
There are fasters ways to do it, whether it's using ntpwreset or a rainbow table cracker and actually retrieving the password (rainbowcrack, ophcrack). There are also freely available Linux implementations on LiveCD's.
--
UbuntuForums Administrator: try Ubuntu Linux |
|
Vampirefo
Premium,MVM
join:2000-12-11
Huntington, WV
·Comcast
| I have used Linux but prefer not to Cause Linux drivers could screw up NTFS, Linux Drivers for NTFS are not guaranteed to work flawlessly.
Using a Live XP CD is a better option, cause one is using NTFS to read and write to NTFS.
--
Best RegardsVampirefo |
|
jdong
Eat A Beaver, Save A Tree.
Premium
join:2002-07-09
Rochester, MI
clubs:
edit:
January 19th, @08:46PM
| said by Vampirefo :I have used Linux but prefer not to Cause Linux drivers could screw up NTFS, Linux Drivers for NTFS are not guaranteed to work flawlessly. False. Linux NTFS drivers are now considered safe in read-write mode. However, read-write functionality is LIMITED, the most applicable limitations to what we're trying to do is:
(1) File length may not change (i.e. you MAY overwrite)
(2) No creation or deletion of files
Overwriting the password hash in the SAM file meets both requirements, and as a result the Linux NTFS drivers will be able to manipulate this safely. If you try to do something unsafe, you'll get a "Permission Denied" or "IO Error" message. The kernel drivers will NOT let you damage an NTFS volume.
There are actually Linux distributions that run off overwritable loopback files on NTFS volumes, which work great, an indication that the Linux NTFS drivers are indeed safe when used according to their instructions.
I've performed the PW reset procedure over 10 times on different computers and never have I experienced any problems with it.
EDIT: Reference Source: »www.linux-ntfs.org/content/view/15/29/
quote:
with safe file overwrite support on all Windows versions without changes to the file size (uncompressed, unencrypted, nonsparse files only).
So don't compress your SAM file 
--
UbuntuForums Administrator: try Ubuntu Linux |
|
richellem
@rr.com
|  reply to bakalao2k
Whoever Posted This--I LOVE YOU!
My aunt died in November and left her computer to me. Unfortunately I did not know her password. You simple instructions got me on. I searched 100 websites before finding this one, and tried several things that did not work. THANK YOU, THANK YOU, THANK YOU!! |
|
