Windows passwords are a necessary evil. They help protect our systems, but they can also be a real pain in the neck. Employees leave, IT workers quit, IT consultants fail to properly document deployments. Regardless of the cause, you're left with a locked account and perhaps a locked system.
In this IT Dojo video, I demonstrate how to quickly and easily reset local account passwords, including Administrator, on most Windows systems. The Offline NT Password and Registry Editor is a Linux-based utility that can reset passwords on Windows-NT based systems that use NTFS, including Windows NT, Windows 2000, Windows XP, Windows Server 2003, and Windows Vista. The tool creates a boot environment through which you can reset passwords via a series of text menus. The Offline NT Password and Registry Editor isn't the most polished utility, but it is effective.
Before anyone starts flaming me in this post's discussion for sharing "Cracker advice", let me make the following point. It is possible for unscrupulous individuals to bypass security measures with tools such as this. But, there are also plenty of legitimate, work-related reasons to reset a Windows password. The Offline NT Password and Registry Editor is just another tool in the IT professional's arsenal.
Use the tool at your own risk!
There are also risks associated with using this tool. As it is editing the Windows registry, the Offline NT Password and Registry Editor could easily render a system unbootable and even destroy existing data. This is especially true of accounts that use the Encrypting File System (EFS).
For more information on using this tool, read Erik Eckel's article, "Reset lost Windows passwords with Offline Registry Editor." From the article page, you can print Mark's review, save it to your TechRepublic Workspace, e-mail it to a friend or colleague, and even Digg it.
For more password and security advice, check out the following TechRepublic Resources:
- Create a Vista password reset disk using a USB flash drive
- Reset user passwords with Windows Server 2003's DSMod command-line tool
- Computer Forensics: Cracking a protected BIOS and creating disks for analysis
- Help users create complex passwords that are easy to remember
- Password redundancy for the help desk: Craft your own escrow
- Balancing support and security: Do you encrypt your drives?
- Will the real Windows Vista Administrator account please stand up?
- Bypass the Windows Vista's logon procedure
- Securing end users' pesky password problems
- Reset local administrator password VBScript
- Remove Internet Explorer content advisor password script
- Presentation: Raise user awareness about password security
- Bypass the BIOS password by hacking your CMOS settings
- Automatically log in to Vista and still be password protected
- Combat password cracking and brute-force hacking tools
- TechRepublic's Password Policy
- Hacking Windows XP and Windows Server 2003
Bill Detwiler has nothing to disclose. He doesn't hold investments in the technology companies he covers.
Bill Detwiler is Managing Editor of TechRepublic and Tech Pro Research and the host of Cracking Open, CNET and TechRepublic's popular online show. Prior to joining TechRepublic in 2000, Bill was an IT manager, database administrator, and desktop support specialist in the social research and energy industries. He has bachelor's and master's degrees from the University of Louisville, where he has also lectured on computer crime and crime prevention.