SOURCE :http://ask-leo.com/ive_lost_the_password_to_my_windows_administrator_account_how_do_i_get_it_back.html
When I set up my machine I did set a password for the Administrator account, and then I promptly forgot it, since I never use that account. Now I need it. What can I do?
•
Do you have physical access to the machine?
Good.
You can reset any Windows password on that machine that you like.
And if that doesn't scare you, I really need to drive home a point.
Good.
You can reset any Windows password on that machine that you like.
And if that doesn't scare you, I really need to drive home a point.
•
First let's walk through what you need to do. The screen shots below
are from my Windows Vista machine, but Windows XP and NT are also
supported.
Obligatory caveat - this utility has been around for a while, and has a good reputation. However, as with any third party software that's going to operate on sensitive system areas, you are always at risk. Make sure you have a good backup of your machine prior to performing these operations. And of course use of utilities of this nature are entirely at your own risk.
Boot from that CD you just burned. You'll end up with something like this on your screen:
Don't let all the stark plain text worry you, the process for what
we're doing is actually pretty simple.
Here's the relevant portion of that screen, enlarged:
You can see that the utility has found multiple disks and/or
partitions, and is asking which one I want to work on. In my case I
know that the partition listed as the larger 1 (74207MB) is my Windows
drive, so I enter 2 to select it and press
Enter. Next:
After selecting the disk we want to use, the utility now asks us for
the location of the registry. The utility has correctly guessed the
location, Windows/system32/config, so all I need to is press
Enter to move on.
Next it asks more specifically what it is we want to operate on:
In this case the default answer Password reset, which
indicates which portions of the system are to be worked on, is the
correct one so all I need to do is press Enter.
Now it asks what we want to do:
We're here specifically to operate on passwords, so once again the
default answer of 1 is correct, and I simply press
Enter.
Now things get interesting.
You can see here that the utility has listed all the user accounts
on my machine: Administrator, Guest, and the account I actually login
with, "LeoN".
It's asking which user account to operate on, and supplied "Administrator" as the default, so once again I press Enter, and we get to the reason we're here:
Now, obviously there are several choices here. My preference is to
clear the password so that no password would be required to login, and
of course make sure that the account is enabled. Once done, you can
then login to the account in Windows and select a new password.
Use the "Quit" options and further prompts to save data to disk, exit the utility and reboot back into Windows.
Now, naturally, this has only been an overview of one type of operation. I recommend you familiarize yourself with the utility prior to using it, and review the documentation and FAQ on the web site.
Reboot from CD, press enter (in most cases) a few times, and *poof* ... the administrator account password is reset and you have access once again.
So easy anyone could do it.
Anyone.
This is where you should be concerned.
Anyone with physical access to your machine can do what I've just described.
If you're in a position where folks with a motive or other random strangers can access your machine, you may want to rethink your physical security.
Obligatory caveat - this utility has been around for a while, and has a good reputation. However, as with any third party software that's going to operate on sensitive system areas, you are always at risk. Make sure you have a good backup of your machine prior to performing these operations. And of course use of utilities of this nature are entirely at your own risk.
"If it's not physically secure, it's not
secure."
First, download and burn to CD the Offline NT Password and Registry Editor. This is actually
a highly customized version of Linux, that's designed to do exactly
what the name implies: allow you to examine and edit the password
information and registry of a Windows machine.Boot from that CD you just burned. You'll end up with something like this on your screen:
Here's the relevant portion of that screen, enlarged:
Next it asks more specifically what it is we want to operate on:
Now it asks what we want to do:
Now things get interesting.
It's asking which user account to operate on, and supplied "Administrator" as the default, so once again I press Enter, and we get to the reason we're here:
Use the "Quit" options and further prompts to save data to disk, exit the utility and reboot back into Windows.
Now, naturally, this has only been an overview of one type of operation. I recommend you familiarize yourself with the utility prior to using it, and review the documentation and FAQ on the web site.
•
So that was pretty simple, right? OK, maybe a little scary if you've
never done something like that before, but you can see that it's pretty
darned easy.Reboot from CD, press enter (in most cases) a few times, and *poof* ... the administrator account password is reset and you have access once again.
So easy anyone could do it.
Anyone.
This is where you should be concerned.
Anyone with physical access to your machine can do what I've just described.
If you're in a position where folks with a motive or other random strangers can access your machine, you may want to rethink your physical security.
If it's not
physically secure, it's not secure.
The ability to walk up with a CD, and "own" the machine with a
reboot and a few keystrokes hopefully makes that pretty clear.
No comments:
Post a Comment