?
Solved

Without a professional IT background, what is the easiest way to recover my admin password on Windows XP Home edition?

Posted on 2005-04-01
11
Medium Priority
?
420 Views
Last Modified: 2013-12-04
I ask the question in the title because I'm concerned if the password is reset, I won't be able to access my files. Is this true?
I don't want to go through some lengthy process of moving my hard drive to another computer. After reading other incidents here, I know that is not necessary.
Isn't there some method where another program can recover my lost password within Windows XP Home edition? No, I didn't create a password recovery disk before this happened. I will after this though.
Can John the Ripper really be used for Windows XP Home edition? If so, does anyone have an example command I would type in? If not this program, is there some other program I can use with explanatory text not meant for someone with an extensive IT background?
I appreciate your help.
0
Comment
Question by:mbiedrz711
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +2
11 Comments
 
LVL 32

Accepted Solution

by:
r-k earned 1000 total points
ID: 13686402
You can use the ntpasswd utility to reset any password on an XP system. It is free from:

 http://home.eunet.no/~pnordahl/ntpasswd/

and worked very well the one time I had to use it.
0
 

Author Comment

by:mbiedrz711
ID: 13686610
In my original question, I asked if there is any negative aspect to resetting the password as opposed to an attempt to recovering the password.
Will I still be able to rename my account login back to the original name? Will all of my files be accessible afterwards and will all my personal settings remain?
Thanks.
0
 
LVL 7

Assisted Solution

by:tonyteri
tonyteri earned 80 total points
ID: 13686623
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 32

Assisted Solution

by:r-k
r-k earned 1000 total points
ID: 13686638
Quote:
"In my original question, I asked if there is any negative aspect to resetting the password as opposed to an attempt to recovering the password.
Will I still be able to rename my account login back to the original name? Will all of my files be accessible afterwards and will all my personal settings remain?"
----------

Sorry, I did not read your question carefully. Assuming you've not done anything special like encrypting your files, resetting the password should not have any negative impact. It will not change the username, nor other personal settings. Your files should be accessible (assuming you did not encrypt).
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 800 total points
ID: 13688929
No, the password reset posses no threat to you losing any data. You do have to realize your resetting at your own risk, if the program messes up or something, but I've used it for years, and I recommend the CD version rather than the floopy, I've not gotten the floppy to work for some time now.

Your also not resetting the name, it's just the password. Here are some of my previous comments on this topic, and how the reset password will not do harm.
http://www.experts-exchange.com/Security/Q_21281595.html#13093290
http://www.experts-exchange.com/Security/Q_21223219.html?query=efs+syskey&clearTAFilter=true
-rich
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 800 total points
ID: 13688934
BTW, even if you encrypt your files with EFS, they will know no different, EFS looks for the SID not password, although the password may have encrypted the files, your able to still view them, so you can even rename the account and you can read your EFS files. There are also 5 other recovery methods for EFS.
-rich
0
 

Author Comment

by:mbiedrz711
ID: 13692003
I appreciate the help so far. Before I try the reset, I’m wondering why this is the best approach Vs a password recovery? No one had answered my password recovery questions in the beginning.
0
 
LVL 15

Assisted Solution

by:davidis99
davidis99 earned 120 total points
ID: 13692559
The reason it's easier to reset a password vs. recover a password is due to how Windows encrypts passwords, and this applies not only to third party utilities, but to Windows itself.  Passwords in Windows are encrypted to prevent other users from having access to them;  even users who function as administrators on a PC do not have access to other users' passwords, they only have the ability to set a new password for non-administrator user accounts if needed.  The NT password reset utility r-k mentioned works in a comparable manner - it can create a new password entry in the correct location for any selected account, but does not have access to the existing stored passwords.  I've used nordahl's reset utility a number of times, on NT4 Workstation, Windows 2000 Pro, and Windows XP (Home and Pro) and have had no problems accessing the user profile of the account that's been reset afterwards.
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 800 total points
ID: 13693215
Cracking the pass can be fast, if you precompute all possible hash's using RainbowCrack or OphCrack. Using JohnTheRipper, or L0phtCrack will take much more time (john is the faster of the two, espically on a linux machine)

The password reset utility is faster, and has worked for many of us over and over again. The only risk involved is the possiblity that it will mess up the SAM, which shouldn't happen, unless you elect to disable syskey, which is never a necessary step- i wish he'd remove that functionality altogether.

To obtian the Hash's you must use a utility that reads NTFS, and open or copy the SAM to a floppy or to a network share to crack. If the machine is booted, you can use Pwdump3v2, Pwdump4, NTdump or the many other SAM readers- you must have ADMIN priv's to do so however.
With regard to recovery
Recovery is a probably the safest way to do this, technically speaking. But from an experience standpoint, the reset utility works very well, again I recommend the CD-Image as opposed to the Floppy.
There are guides out there to help you, we cannot tell you john's cmd line but it's easy to use.
http://www.antsight.com/zsl/rainbowcrack/
http://lasecwww.epfl.ch/~oechslin/projects/ophcrack/index.php (if you do get the hash, this site let's you run it against their tables for free)
http://www.sysinternals.com/ntw2k/freeware/ntfsdos.shtml
http://packetstorm.linuxsecurity.com/NT/hack/
ntfs20r.zip
Boot from DOS and access an NTFS file system.
-rich
0
 

Author Comment

by:mbiedrz711
ID: 13694509
I’m currently attempting a password reset using http://home.eunet.no/~pnordahl/ntpasswd/
However, I’ve run into a problem. I’m communicating to you through the only other account on my pc. This account is obviously a non-admin account. For some reason under this account I am not allowed to write to a CD. The program I have to do this is Nero.
So, now I’m trying to get the floppy to work instead. No luck yet.
Any Comments or tips welcome.
0
 

Author Comment

by:mbiedrz711
ID: 13717982
I was able to get the floppy method to work.
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses
Course of the Month12 days, 6 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question