I have post a simple method that able to clear windows login password month ago. That method are very simple and will be able to find this solution anywhere online.
After read KeshZone.com post about the winternals password cracking method. I still on my way to test out that software. 1 thing I can said is we need tools to crack or break the password and this winternals software are hard to find in the market, you may download at KeshZone.com also
I have a special method which no need any tools to clear the windows password but it take longer time. This method also easy to find when goggling with the right key word.
What you need is just a windows XP installation CD:
- Insert the Windows XP CD and restart your PC.
- While the CD is boot, you may see “Press any key to boot from cd”, hit it.
- Just like normally windows installation and while you at Welcome to Setup screen, press ENTER to Setup Windows now.
- Press F8 to accept the Licensing Agreement.
- Setup screen will appear and this will show “If one of the following Windows XP installations is damaged, Setup can try to repair it” . You need to press R to begin the Repair process.
- Let the repair run until it reboot, after reboot will be start Installing Windows.
- At this stage is the most important part, while the lower left hand side of the screen display Installing Devices progress bar, press SHIFT + F10. This step is the security hole and it will prompt you a command console.
- At this DOS prompt, type NUSRMGR.
- At this stage, you may change the password you prefer or remove the password
- If you want to login windows without asking any password, type control userpasswords2 in the command prompt.
- After made the changes, close the windows, close the command prompt and continue windows repair. After repair done, you will have your new password to login windows, all the setting in there are still remain same.
This method without need to buy any special tools or software, we just use the security loop hole to crack down the password, but the disadvantage are time consuming. This method is workable, I personally tested before.
My name is Calvyn, from PENANG, an IT Engineer, Malaysia LIFE tech blogger. I am an IT Engineer who blog about my LIFE working Experience, such as Technology, Computing, Networking and also my hobbies, Photography.
By Legend Chew on Oct 29, 2007 | Reply
Wow, this is bad. This mean anyone can hack in our computer. We should sue Microsoft.
By yapkevin on Oct 29, 2007 | Reply
This is a valuable information for us (IT people) because our customer always lost their Admin password… thank man… u make my life more simple…. i will test on this method when i m free… see if its really work or not..
By Mitz on Oct 29, 2007 | Reply
Microsoft purposely let this security hole here… if they realize, they already fix it during SP2
By calvyn on Oct 29, 2007 | Reply
Kevin > this method confirm work, but it consume time… i tested before
By MerCuRy on Oct 29, 2007 | Reply
I think Microsoft found this security hole. Otherwise they will fixed this security in Win Vista also ba?
By calvyn on Oct 30, 2007 | Reply
MerCuRy > I guess they purposely put that bug there, may be make easy for IT people to do troubleshoot
By BerKut on Nov 30, 2007 | Reply
Many thank’s.
Your tip just save me a lot of work on how to recover a pc.
Once again thank’s a lot.
By calvyn on Nov 30, 2007 | Reply
Welcome BerKut, I hope may bring more great tips for you all
By scholi on Feb 18, 2008 | Reply
It’s not really a security hole. And you will never have full securuty. Il you run Linux you can see your Windows partition and modify what ever you want. If you know what file store user password just replace it with an other one. You see total security never exists. But now if you want to protect you against this, just put a password to your BIOS and tell him that he’s not allowed to boot from CD or external HDD. Then you can’t do anything with you XP CD…
By calvyn on Feb 19, 2008 | Reply
scholi > bios password also no security, just easily clear the bios password with the jumper behind the battery…
haha..the most security is lock the door… lol…
By Stoy on Feb 19, 2008 | Reply
It’s a feature not a security hole, what is you lost you password and had very important work on the computer. I guess it would be easier just to boot into Knoppix an retrieve the important files.
But if you don’t have access to a Live CD with Linux, the this is the easiest way of getting your files back.
By calvyn on Feb 19, 2008 | Reply
scholi & Stoy > I wish to learn how to change those file with using LIVE CD to boot up, do you guys have idea where to get those infor?
By Philippine Goji Juice on Feb 21, 2008 | Reply
great post. i liked it…
By KARTIK on Mar 24, 2008 | Reply
thanx dude… but take’s a lot of time
By llampwall on May 8, 2008 | Reply
You can’t just boot up some live cd and swap the hashed password (SAM) files with your own. You need to crack the hash on the password in the SAM file using the bootkey, which can be cracked from the SYSTEM file.
Bootkeys get cracked for you, but the actual password decryption in the SAM file has to be a dictionary or bruteforce attack.
All the cracking can be done on windows or linux with the right tools.