2010-05-17 19:58:22
Reset A Forgotten Windows Password
Have you ever had a Windows XP machine where you forgot your password and didn't know the password for the administrator account? Or maybe you have a newer Vista or 7 machine that doesn't have an administrator account and your grandkids just entered your password wrong enough times to lock out your account. In any case, what do you do? There is no way into your machine without a password for a working account. Lucky for you, other ways exist.
While many tools exist, some free and some not free, I will explain the one that I use because it is the most versatile. All you need is the latest Knoppix DVD. Make sure you grab the DVD because the CD doesn't contain everything that we need.
So why am I using a full, bootable operating system when other slimmer tools will do the job? Here is what the Knoppix DVD gets you that other slimmer tools don't:
- NTFS support (you need this for OSs newer than Windows 98)
- Extensive driver support (support for many RAID cards and non-standard storage)
- Ability to do more than just reset passwords
Now it's time to go over the few easy steps to reset a forgotten password.
- Boot the Knoppix DVD
- Open a root terminal: The normal terminal icon on the taskbar will open a terminal as the 'knoppix' user. We, however, need root privileges to do what we need to do, so don't click that icon. Instead, click the penguin icon. This will pop a short list in which "Root Terminal" will be a choice.
- Edit fstab: You probably already saw that there was an icon on the desktop which would automatically mount your Windows drive and give you a file browser. If you clicked it, way to go, genius, you did it wrong. Right click the icon and unmount the drive. We need to keep the drive unmounted until we've made our change. In the root terminal, edit /etc/fstab. You will see a line similar to:
    /dev/sda1 /media/sda1 ntfs noauto,nouser,uid=0,gid=0,umask=002 0 0
  Change it to read:
    /dev/sda1 /media/sda1 ntfs rw,noauto,nouser,uid=0,gid=0,umask=002 0 0
  By adding the "rw," to the line, we enable writing to the Windows partition, which is necessary to blank the password. Because writing to an NTFS drive is still considered "experimental", it's not enabled by default. Save fstab.
- Mount the drive: Sure, you could click the icon on the desktop now that we've changed the drive to writable, but you don't want to do that. I will hate you. You want to do it the right way:
    mount /media/sda1
- Change to the SAM directory: Depending on how your version of Windows was installed, you may have to play around with capitalization and such, but the directory should be like the following:
    cd /media/sda1/Windows/system32/config
- List the users: Now we get to use the tool to reset passwords, chntpw. First of all, let's see what users exist on your Windows drive:
    chntpw -l SAM
  "SAM" is the filename in the config folder, so be sure you have the proper case.
- Reset the password: If you want to reset the administrator password, you can just enter:
    chntpw SAM
  If you want to reset a specific user account, you need to enter:
    chntpw -u USERNAME SAM
  Be sure to enter an asterisk (*) for the password to blank it because changing it to an ascii value doesn't work. You'll have to answer yes (y) to two questions asking if you're sure and if you want to write the changes.
- Unmount the drive:
    umount /media/sda1
- Reboot: However you want to do that.
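The fstab edit and the capitalization hunt from the steps above can be scripted so they come out the same every time. This is an added example, not part of the original post: the helper names `enable_rw`, `find_config_dir` and `demo` are hypothetical, and the demo runs only on constructed data in a scratch directory.

```shell
#!/bin/sh
# Added example, not from the original post. Helper names are hypothetical.

# Print FSTAB with "rw" first in DEVICE's mount options. Any existing
# rw/ro is dropped, so running it twice gives the same result.
enable_rw() {   # usage: enable_rw FSTAB DEVICE
    awk -v dev="$2" '
        $1 == dev && NF >= 4 {
            n = split($4, opt, ",")
            out = "rw"
            for (i = 1; i <= n; i++)
                if (opt[i] != "rw" && opt[i] != "ro")
                    out = out "," opt[i]
            $4 = out            # awk rejoins the fields with single spaces
        }
        { print }
    ' "$1"
}

# Print the registry hive directory under MOUNTPOINT whatever its
# capitalization (Windows, WINDOWS, System32, ...). Empty if not found.
find_config_dir() {   # usage: find_config_dir MOUNTPOINT
    find "$1" -maxdepth 3 -type d -ipath "$1/windows/system32/config" | head -n 1
}

# Demo on constructed data in a scratch directory (no real disk is touched).
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' \
        '/dev/sda1 /media/sda1 ntfs noauto,nouser,uid=0,gid=0,umask=002 0 0' \
        '/dev/sdb1 /media/sdb1 vfat noauto,users 0 0' > "$d/fstab"
    mkdir -p "$d/mnt/WINDOWS/System32/config"
    enable_rw "$d/fstab" /dev/sda1      # only the sda1 line changes
    find_config_dir "$d/mnt"            # prints the real, mixed-case path
    rm -rf "$d"
}
demo
```

Redirect the output of `enable_rw` to a new file and compare it with the original before replacing /etc/fstab.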