Forgotten Windows Password

October 21, 2013

If you find that you are no longer able to log in to Windows due to a forgotten or changed password, then you might want to try one of these options. These have worked for me on various Windows computers. Here are some options:

Option 1:

1. Using another computer, download Ophcrack and burn it to a CD.

2. Insert the disc into the problem computer and boot to that disc. You might have to use F12 or some other keystroke to select the optical drive as your first boot device.

3. Select the 1st option, which is the automatic graphic mode. From here, it should proceed right to the screen that searches for the passwords for the various users. If it doesn’t get to that screen, or if it doesn’t display properly, then there is a video driver issue. In that case you will have to pull the hard drive and attempt the same procedure on a different computer. If you do this, make sure you unplug the hard drive on that computer and plug this hard drive in as the only (or primary) hard drive. I have run into this scenario before, where Ophcrack wouldn’t work on one computer, but it would work on another computer.

4. As it finishes scanning for each user, it will display the password for that user, or, it will say that it couldn’t find the password.

Option 2:

1. Using another computer, download Ubuntu as an ISO file and image it onto a CD, using Nero or some such program.

2. Insert the Ubuntu disc into the problem computer and boot to that disc. You may have to select F12 or some other keystroke to allow you to boot to the optical drive.

3. Do not install Ubuntu. Rather, try it. Browse to the hard drive where Windows is located. Go to windows\system32. You are looking for 2 files; sethc.exe and cmd.exe. Copy them both directly onto C: drive, or somewhere that you can access them later, if need be. In the system32 folder, rename sethc.exe to sethc.old. Next, in the same folder, rename the file cmd.exe to sethc.exe.

4. Remove the Ubuntu disc and reboot the computer. At the login screen, hit the shift key 5 times or so. That will bring up a command prompt. You are now into the main administrator account and you will be able to make changes that stick.

5. Type in net user and then hit enter, to see the different user profiles. Let’s say that the user that you wish to modify is Jim. Now type net user Jim * then hit enter. If you hit enter again, it will remove the password. If you type in net user Jim 1234, it will create/change Jim’s password to 1234.

6. Reboot the computer. You should now have access to Windows.

7. You should then put in the Ubuntu disc and reboot to Ubuntu so that you can undo the changes in the system32 folder. So navigate to that folder. Rename sethc.exe to cmd.exe. Then rename sethc.old back to sethc.exe.

8. Reboot and you’re done.

Option 3:

1. Using another computer, download Ubuntu as an ISO file and image it onto a CD, using Nero or some such program.

2. Insert the Ubuntu disc into the problem computer and boot to that disc. You may have to select F12 or some other keystroke to allow you to boot to the optical drive.

3. Do not install Ubuntu. Rather, try it. Browse to the hard drive where Windows is located. (browse to windows\system32\config) Look for the sam file. (Look for just the basic sam file.)

4. Right click on the file and rename to sam.old, or whatever you prefer.

5. Close everything out and reboot the computer into Windows. Windows should rebuild the sam file, but with no password. It may also give you the option of starting normally or doing a repair. Let it do the repair. It may also ask you to restore to an earlier time. (This happened to me. It did not ask me to select a date. It simply restored itself. When the login screen came up it was asking for a previous password that I was able to then use to get into Windows.) If this doesn’t work, and the computer blue-screens or simply won’t boot into Windows, then you can go back and re-edit the name of the sam file (remove the .old extension).

Option 4:

Note: this method is similar to Option 2, but instead of using an Ubuntu disc, you’ll use a Windows disc.

1. Use the net user command. To do this you’ll need to boot the computer with a Windows CD/DVD disc. You’ll want to get to a command prompt, so select the repair option when you get to that screen.

2. At the command prompt, type copy c:\windows\system32\sethc.exe c:\ (note the space right after the word copy). This makes a copy of the sethc.exe file directly on C: drive so that you have access to it later. Note that this might not work, depending on which drive letter was assigned to Windows. You may have to use d: instead of c:.

3. Type copy c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe (notice the space between cmd.exe and c:\). This copies cmd.exe onto the sethc.exe file so that on reboot the sticky key feature will bring up the main administrator command prompt. This is very important, otherwise, the changes you make in the next step will reverse as soon as the computer is rebooted!

4. Reboot the computer. At the login screen, hit the shift key 5 times or so. That will bring up a command prompt. You are now into the main administrator account and you will be able to make changes that stick.

5. Type in net user and then hit enter, to see the different user profiles. Let’s say that the user that you wish to modify is Jim. Now type net user Jim * then hit enter. If you hit enter again, it will remove the password. If you type in net user Jim 1234, it will create/change Jim’s password to 1234.

6. Reboot the computer. You should now have access to Windows.

7. You should reboot the computer with the Windows disc again so that you can reverse the changes you made to the sethc.exe file. Once you get to the command prompt, type, copy c:\sethc.exe c:\windows\system32\sethc.exe. Again, remember that you may have to use d instead of c for the drive letter.
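Options 2 and 4 both end with putting the original sethc.exe back; if that step is skipped, anyone at the login screen still gets a command prompt by pressing shift five times. The following check is an added example, not part of the original post: it confirms the swap was undone by comparing the two files in system32 and looking for the leftover sethc.old. The function names and the path argument are assumptions made for illustration.

```python
import hashlib
import sys
from pathlib import Path


def find_ci(directory, name):
    """Find `name` in `directory` ignoring case; an NTFS volume mounted
    from Ubuntu shows names as stored (System32 vs system32)."""
    if directory is None or not Path(directory).is_dir():
        return None
    for entry in Path(directory).iterdir():
        if entry.name.lower() == name.lower():
            return entry
    return None


def sha256(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def check_sethc(windows_root):
    """Return a list of findings; an empty list means the swap was undone."""
    findings = []
    sys32 = find_ci(find_ci(windows_root, "windows"), "system32")
    if sys32 is None:
        return ["windows\\system32 not found under %s" % windows_root]
    sethc = find_ci(sys32, "sethc.exe")
    cmd = find_ci(sys32, "cmd.exe")
    if sethc is None:
        findings.append("sethc.exe is missing from system32")
    if cmd is None:
        # Option 2 renames cmd.exe instead of copying it, so it disappears
        findings.append("cmd.exe is missing from system32")
    if sethc and cmd and sha256(sethc) == sha256(cmd):
        findings.append("sethc.exe is a copy of cmd.exe (swap still in place)")
    if find_ci(sys32, "sethc.old"):
        findings.append("sethc.old still present (rename not reverted)")
    return findings


if __name__ == "__main__":
    # Assumed argument: root of the Windows volume, e.g. a mount point or C:\
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    for line in check_sethc(root) or ["OK: sethc.exe and cmd.exe differ"]:
        print(line)
```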

Hopefully one of these options will be of help to get you out of a bind.

Rob
