• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 133
  • Last Modified:

Cracking Windows 8 password

In the past I have found "NT Password and Registry Editor" to be a useful tool to "clear or (blank) a user password on a Windows machine where the user has forgotten their password.

I recently used this method successfully on a Windows 8 machine that had a local user account. Now I'm trying to "blank" or "crack" a password on a Windows 8 machine that is protected with a Microsoft account where the account name is like "joeblow@msn.com.

So far I am unsuccessful at bypassing the password for this type of credential.

Any suggestions?

Thanks

Scott
0
scottjnorris
Asked:
scottjnorris
  • 4
  • 3
  • 2
1 Solution
 
McKnifeCommented:
Logically, there is no way. Look, an MS account is kept at a remote internet server. No local account=nothing to crack locally. It's the same with domain accounts, the nordahl disk cannot tamper with them.
0
 
scottjnorrisAuthor Commented:
If an "MS account is kept at a remote internet server" how do you log on to your Windows 8 computer when you are offline ?
0
 
rindiCommented:
You'll have to look on the hotmail site, there you can have them send the password to the other email or phone which was needed when the account was setup.

If you are offline, it uses cached credentials.
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
scottjnorrisAuthor Commented:
This person said that after they set up the password on this computer they changed the password on their email account. So the password on their email account no longer matches the password they used to set up their Windows 8 log-on account.
0
 
scottjnorrisAuthor Commented:
"If you are offline, it uses cached credentials."

Then there might be a work around to to clear or blank the cached password so that the account can be logged on to without a password. I've found this to be true with Linux OS and all flavors of Windows OS except in the above example.
0
 
rindiCommented:
That wouldn't make any sense, as then the cached password wouldn't be in sync with the actual password. If the PC is connected to the internet you should be able to logon to the m$ account using the password he changed.
0
 
McKnifeCommented:
I can only second rindi in every respect.
The disk cannot blank a cached password. It can only be used with local accounts, not with cached credentials.
0
 
scottjnorrisAuthor Commented:
You don't have a cached password if you blank  (remove the password ) Then after you log on (without a password) you can create a local account or create a new Microsoft account that is once again password protected.
0
 
McKnifeCommented:
Scott, I know that disk since it has been around. And i know MS accounts and their interaction with 8. it is not possible. Theoretically, we could blank the cached pw and pretend that the blank entered pw is in fact the MS account pw - but that doesn't work, because as opposed to local accounts, blank pws are not allowed with MS accounts.
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 4
  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now