Password resetting and recovering techniques

There are several methods to reset and recover the password of a Windows administrator's account . The fastest method is to use a freeware tool like Offline NT Password & Registry Editor or the Linux live distribution Austrumi (update: not updated since 2009 so use with care).

The author of Offline NT Password & Registry Editor provides a bootdisk for the program while Austrumi is bootable right away after you burn it to CD or DVD. Detailed instructions on how to use the first tool are provided on the authors website, with Astrumi you simply enter nt_boot when the command prompt appears.

You could also try to bruteforce your way in again but this is not recommended because the other two methods are easier and faster. Plus, brute forcing only works if the Windows user account password is short. For long passwords, brute forcing is not an option at all.

Last but not least this was taken from a user comment and not checked out.

• 1) copy cmd.exe out of system32
• 2) rename as logon.scr
• 3) paste it back in system32 and replace current one
• 4) log off and wait for the screensaver. it will be a command prompt. use [net user]

If an admin account is available, it is without doubt the easiest to log into that account and change the user password this way. This works if an admin account without password is available, or if an admin account with password is available that you still remember the password of, or that someone else has control over.

It needs to be noted though that changing the user account password may have consequences for that user's files on the system. If files have been encrypted using the EFS encryption subsystem of the NTFS file system, then they are lost if the password is changed. If that is the case, brute forcing may after all be the better option to regain access to the user account.

Advertisement