Windows

Use System Restore to overcome a lost Administrator password

Greg Shultz shows you how to use System Restore and a Windows DVD to revive a system with a lost Administrator password.

Even though I wear the tech guru pants in our household, my wife insists on maintaining her own Vista system -- she's my toughest customer. Fortunately, she does take my advice when she is unsure of the necessary steps, and I was able to get her to use a Standard User account and then to provide the Administrator credentials at the UAC prompts, as a security precaution.

Because I'm always talking about security and passwords, she recently changed the Administrator password in order to keep her system safe. Unfortunately, a few weeks later when she needed to make a change to her system, she realized that she completely forgot the new password. Of course, this snafu was now my problem to fix.

Now, being a very customer-oriented tech, I calmly assured her that everything was going to be just fine. While she does have a password-reset disk for her user account, we never created one for the Administrator account.

Fortunately, I remembered seeing a Microsoft Help and Support article about being able to use System Restore to gain access to a system on which the Administrator account password was forgotten.

To my surprise, the procedure worked without a hitch, and I won the best-tech-of-the-year award. Seriously now, since this is a great technique to have in your tech support toolbox, and because it will work in both Windows Vista and Windows 7, I thought I would share it with TechRepublic readers.

In this edition of the Microsoft Windows Vista and Windows 7 Report, I'll show you how to use System Restore and a Windows DVD to revive a lost Administrator password.

This blog post is also available in PDF format in a free TechRepublic download.

Caveats

Of course, in order for this technique to work, System Restore must be enabled and there must be a recent restore point during which you were able to successfully log on to the system.

Also keep in mind that using System Restore and selecting a restore point will return the computer to a state where the logon was successful. If you have installed any programs or updates since the last restore point was created, you will have to reinstall them. You may also have to reset some personal settings. However, you will not lose any documents or e-mail messages.

Getting started

To begin, you'll insert the Windows Vista or Windows 7 DVD into your drive and restart the system. When the system boots from the DVD, follow along with the prompts as you normally would. When you get to the Install Windows screen, shown in Figure A, click the Repair Your Computer link.

Figure A

When you get to the Install Windows screen, click the Repair Your Computer link.
You'll then be prompted to select the operating system to repair, as shown in Figure B. Just select the operating system and click Next.

Figure B

You'll need to select your operating system and click Next.
You'll then see the System Recovery Options dialog box, shown in Figure C. To continue, click System Restore to load the System Restore wizard.

Figure C

Click System Restore in the System Recovery Options dialog box.
When you see the first window in the System Restore wizard, shown in Figure D, click Next.

Figure D

The first window in the System Restore wizard is introductory.
When the next window in the wizard appears, you'll be prompted to select the restore point that you want to use, as shown in Figure E. On my example system, there is only one restore point; however, chances are that you'll have more than one on your system.

Figure E

My example system has only one restore point to choose.
When you boot from the DVD, there will be a drive letter X, and System Restore will be prompt you to confirm that the correct disk is selected, as shown in Figure F.

Figure F

When you boot from the DVD, there will be an extra drive letter and you'll be prompted to confirm the selection.
Finally, you'll be prompted to begin the restore operation. When you click Finish, you'll see one more confirmation dialog box, as shown in Figure G.

Figure G

When you click Finish in the wizard, you'll see one more confirmation prompt.
To commence the system restore operation, click Yes. You'll then see a progress dialog box, shown in Figure H, that will keep you apprised of the restore operation. The restore operation may take a while to complete, so sit back and be patient.

Figure H

The restore operation may take a while to finish.
Once the restore operation is complete, you'll be prompted to restart your system, as shown in Figure I. Click the Restart button. Again, the restart operation may take a while to finish its work.

Figure I

After the restore operation is complete, click the Restart button.
When the system restarts, you can log in using a standard user account. Go into User Accounts, and then you can click Manage Accounts. When prompted by UAC, as shown in Figure J, you can enter the old Administrator password. At this point, you can then change the Administrator password.

Figure J

Once you use System Restore, you enter the old Administrator password.

What's your take?

Now do you know how to use System Restore to access an Administrator account that you were locked out of by a forgotten password? If you have any questions or comments concerning this technique, please take a moment to drop by the TechRepublic Community Forums and let us hear from you.

TechRepublic's Windows Vista and Windows 7 Report newsletter, delivered every Friday, offers tips, news, and scuttlebutt on Vista and Windows 7, including a look at new features in the latest version of the Windows OS. Automatically sign up today!

About

Greg Shultz is a freelance Technical Writer. Previously, he has worked as Documentation Specialist in the software industry, a Technical Support Specialist in educational industry, and a Technical Journalist in the computer publishing industry.

55 comments
Davidmoe
Davidmoe

Thanks for this, I know to overcome a lost administrator password, we can also use a smart Windows password recovery key to reset it, I get the tool fromĀ http://t.co/hPys28aeN2

bkd4289
bkd4289

hehe why no use "net " command ?

Pcobiwan
Pcobiwan

This is great - if you have the *old* system administrator password. Our end users occasionally purchase laptops outside of the company and set up their own admin password. Once that's forgotten it gets a lot harder. I invested in a program from Password-reset.com. It's not a pay-per-password service like some others. So far it's been great.

d.billing
d.billing

Use the administrator password removal tool for XP & Vista, was posted on this site..... Saves all that faffing around..... And it works a treat, I have never come across user account passwords that could not blank out or change.... It makes sense....

mohsin_jml
mohsin_jml

hi But can,t you do the same thing with regular system restore by going to contro panel...????

bsmi021
bsmi021

There are a lot of great things posted here Thanks to those who did, but i work mostly of private machines and you never get the CD with them and of coarse no one ever makes one, so this gets tough to use.

computers
computers

Sorry, but have I missed something here? The article is called "Use System Restore to overcome a lost Administrator password" and at the very end of it we have "When prompted by UAC, as shown in Figure J, you can enter the old Administrator password. At this point, you can then change the Administrator password. " I thought the whole point was that you'd LOST the old administrator password...

pardeshispavan
pardeshispavan

What if I have forgotten the old password. Is there any solution other than reinstalling the OS? Does it apply to Windows XP?

skywagon
skywagon

Tips like these are very good to save....

archigos
archigos

This is overkill. Just use a password clearing boot disk like ntpasswd and save yourself all the trouble.

pdf6161
pdf6161

I don't know whether it works on Windows Vista or 7, but I have been using a special Linux cd that resets XP admin passwords. It is a much shorter process and doesn't require any system restore rollbacks.

Tony Hopkinson
Tony Hopkinson

Erm my neighbour's dog after being possesed be the spirit of a venusian ate my previous password as well so can I not put old one in ... LMAO

jimdano
jimdano

Greg, This was the most beneficial instructional article I have read in a long time. Thank you for all the Screen shots that were explicit as well as your verbage. I will definitely put this in my bag of tricks for sure to come future issues with these darn computers. Sincerly, Jimdano

Mark W. Kaelin
Mark W. Kaelin

The editors at TechRepublic probably get more requests for help with lost passwords (legitimate or not) than any other troubleshooting problem. As an IT professional (or the family tech guru) do you get many, "Help, I lost my password" requests?

wsullivan9
wsullivan9

...because one must be an administrator, and it's that password we're trying to recover/change.

wsullivan9
wsullivan9

The problem with that is... one must be an administrator to use system restore. The issue is the inability to verify administrator credentials, so... Peter Nordahl's Linux is the best way to go. It'll work on NT4.0 and later. Even if the BIOS PW is lost so the boot order can't be changed, it is easily reset by removing the battery, or using the reset jumper.

Data Ninja
Data Ninja

You restore the PC to a point that you know what the 'old' password was. That is what you would enter at the prompt you are referring to. The point of the article is for when someone sets a 'new' password and forgets it, then you use this method to restore it to a point when they DID remember the 'previous' password. This method DOESN'T blank the password or tell you what it is, you have to know the old one that you are restoring to...

dave
dave

Has anyone had problems using ntpasswd?

Gaerotech
Gaerotech

What's the down side ? Seems to good to be true.

gaddy3
gaddy3

Hiren's ( http://www.hirensbootcd.net/ ) has a full set of utilities which boots outside the windows system. You can clear any password for any user (98, XP ,Vista,Win7), along with a host of other utilities ( http://www.hiren.info/pages/bootcd ). Determine if a non booting issue is the hard drive (mechanical) or Windows (Software) issue. Great tool for any tech. Be careful. You can also do substantial damage so this is not for a neophyte

Royc_1
Royc_1

That is easy unless you have disabled boot from CD and Floppy in the BIOS and the dog also ate the BIOS password. See the post above with a link to a Linux boot CD iso by Ron_007. Now who is LOL?

d.billing
d.billing

Why dont you use the 'reset admin password' app that was recently posted on this site?? it would make sense as its much quicker..

Greg Shultz
Greg Shultz

Glad to hear that you found this technique helpful.

Ron_007
Ron_007

I've had to do it on my Home XP machine when XP got "confused" I used "Offline NT Password & Registry Editor, Bootdisk / CD" to reset my admin password. You can download a bootable ISO from them: http://home.eunet.no/pnordahl/ntpasswd/bootdisk.html It runs a character based Linux tool, so it can appear a little intimidating to non-technical users. But it is really easy to use. I checked their page and it has been updated to say that the tools are compatible with Win OS's through Vista 32 & 64 bit and Win Server 2003.

mlieberman
mlieberman

I've had to crack admin passwords for family as well as at my job. For example the company I work for has a habit of coming in after either their tech guy is fired/quits or if their documentation is lacking. So often a client has no idea what the passwords are for their servers. At the same time I have family members who use Computer A frequently but left a bunch of stuff on Computer B which they completely forgot the password to. Granted most other requests for passwords I see are often for illicit purposes.

derek
derek

I received a machine from an IT department that had 3 partitions on the drive and every attempt to reset the admin password failed. I could have brute forced it, but did not want to... I informed the client that he would have to get with his 'geninuses' to gain access as I was not going to damage the partitions to gain access. That is the first time I have ever had an issue and I have used it on EVERY type pf system outlined on the homepage... 1 out of a million....

MrKP
MrKP

i agreed with you on Hiren.

Tony Hopkinson
Tony Hopkinson

If you hang around a bit longer you'll get the joke. Ron, I'm not too sure about though.

Greg Shultz
Greg Shultz

...you will need to use the old password, the one that you remember, in order to access the Admin account.

abacrotto
abacrotto

Greg: I can see from the pitures that in your computer the UAC prompt includes User and Password. I have a DELL Vostro 1710 with Vista Basic installed. It does not ask me for a user and a password, it just has a "continue" button I can press. I don't really know my Administrator password either, as I configured one user when the computer first arrived to home. Can you tell me what is going on ? Regards. Ariel.

dleon63
dleon63

the old password is the lost password?

derek
derek

yep! I timed it recently, and in 5 minutes I was on the machine in administrator mode moving on to other things... this is a b/f techinicians Holy Grail....

pgit
pgit

System restore is more a process than a monolithic file, it's just about useless to try to back it/them up. Any given restore point relies on other points to figure what is and what isn't to be removed, added, altered or what have you, when you select a restore point. What I do is make a full disk image with the likes of G4L, ghost or whatever tool is available. system restore is a nifty tool for when it is appropriate, but it sure isn't something to rely on for a bare metal, ground up full system recovery. If I have to restore data into a system I have re-imaged (re-installed) then I put everything back where it was and get it in working order first, then make a full disk image. I normally use G4L and push the image to wherever a client wants it. I prefer to clone the HD completely and keep the clone in an anti static bag. Some folks want it on an external HD. Then some want to hang on to it themselves, others have asked me to hold them. If we make any major changes to the system we might make a new "master" image. An example would be if someone installed software they paid for. Then it's only a matter of backing up unique data. Of all the free tools out there I find comodo backup to be the most comprehensive and reliable.

joseph_mcmanus
joseph_mcmanus

Hey Greg, I'm running both Vista & 7 RC1 (until RTM comes out) and I noticed that Vista & 7 don't make all that many restore points by itself. XP used to create one every so often, but it's like Vista & 7 have been set to do this at 2 to 3 times slower a rate. I have checked the "show more" box but sometimes this has only 1 or 2 restore points. Is there any way to hack the reg to make Vista/7 create restore points more quickly (sooner) like every 24 to 48 hours or something like that, and would you suggest exporting a copy of the entire registry (or the appropriate portion thereof, which ever that may be) to a flash drive with the OLD password notations in it as an emergency measure just in case the restore point you are looking for (pre-change) is either overwritten or lost due to turn-over? Thanks & L8R

dleon63
dleon63

What really happened was I did not assign any admin rights to any account and for some strange reason Vista auto did by itself (Admin) without a password. Not sure what really happened. So,everytime the system needed updating it can't because I don't have a password. So, Sony tech came to the rescue but I ended up re-installing all my apps. Anyway, Win7 is coming soon. Actually I have Win7 7100 on all my pc just waiting for the free upgrade. And currently downloading Ubuntu 9.10 and it is so slow. But I plan to install it on one laptop. Thanks again.

pgit
pgit

Here's the top of the read me: Windows NT/2k/XP/Vista Change Password / Registry Editor / Boot CD * * * * (c) 1998-2008 Petter Nordahl-Hagen. Distributed under GNU GPL v2 * * * * DISCLAIMER: THIS SOFTWARE COMES WITH ABSOLUTELY NO WARRANTIES! * * THE AUTHOR CAN NOT BE HELD RESPONSIBLE FOR ANY DAMAGE * * CAUSED BY THE (MIS)USE OF THIS SOFTWARE * * * * More info at: http://home.eunet.no/~pnordahl/ntpasswd/ * * Email : pnordahl@eunet.no let's see how that formats here... =D And I was mistaken. I thought this was a DOS environment but it's syslinux. Must have been thinking of bartpe.

pgit
pgit

I'm not in the office atm, and can't remember the name of the critter, but I found and use a live CD that boots a DOS environment (much like the install CD "rescue mode" but way more powerful) that has a lot of commands built in. You can blank or reset any password, run check disk, redo/alter partitions, the boot sector etc. Saved me a lot of time chasing people down for a password, only to find they can't remember it... If I remember I'll post the name and a link. (I'll put this in the todo bookmarks)

dleon63
dleon63

But it did not work with my Sony laptop with Vista 64 bit. Finally, Sony sent me a link to a procedure to restore the drive to factory setting and reinstalled all my apps back. Now, I have two accounts with Admin rights to play it safe. Thanks anyway.

nz_helpdeskguy
nz_helpdeskguy

Load Ubuntu live or any other live distro, download chntpw (Change NT password), point it too your %windir%\system32\config of the target. Type = 'sudo chntpw SAM' at terminal window. Boomshanka! blank administrator password. Works with Vista / 2003 havn't tried with Win7 yet No system restore or loss of apps since last restorepoint.

dleon63
dleon63

I use to dual boot with xp and ubuntu, then i forgot my password in ubuntu - went online and found a way to recover which i did in 10 minutes. i went ahead and uninstall ubuntu 7. not sure if the 9 works the same way.

pgit
pgit

I had never thought of it, that a system restore reverts a password. Not sure that's good or bad. I suppose it's good in this circumstance. =D

tom
tom

Microsoft makes it a little difficult to log on as the administrator for some reason. I'll have to experiment with Vista, but with XP you are prompted for a user name when you first fire up the PC, but aren't given an opportunity to add a password. When you get to the prompt where you see Continue, press Ctrl-Alt-Del twice. In XP that will usually bring up a dialog where you can log in as any account. Type in Administrator and leave the password blank. Once logged in as administrator, go to User Accounts in the Control Panel and find the administrator account. Click on it and choose to add a password. Sorry, I'm on a domain, so I can't tell the exact verbage. You can repest those steps to create a password for yourself also (when logged in as yourself).

eScoop
eScoop

Are you aware that Ophcrack comes in 2 downloads - one for XP and one for Vista? If you, are sorry to presume - if not, try the other version.

joseph_mcmanus
joseph_mcmanus

Hi All, Well I agree that Ophcrack live CD is good, HOWEVER, it WILL NOT crack ANY password that has any symbols (i.e. !@#$ %^) in it, it will only work IF the password is alpha-numeric ONLY. If the password has a single symbol in it you would have to BUY the Ophcrack rainbow tables for the program, and believe me when I tell you I almost had heart failure when I saw their price for them, WOW!!! If you are doing this for the job, & your department has DEEP pockets, then it's doable, BUT if this is for personal use, get out the oxygen tank, AED (automatic defibrillator), and nitroglycerin tablets. I know all this because my best friend died suddenly about a month ago, and didn?t leave any of his passwords around for his family to find, and I was helping his Mother and Step Dad to try to recover his OS install so that they could get into his Outlook & notify all his friends of the event. Well enough on that, just watch out for the $$$. Take care.

SmartAceW0LF
SmartAceW0LF

Have been using Ophcrack for quite sometime now. Though I havent had any luck with the LiveCDs on Vista or Win7. Hope they did get it working right though. On another note within this same topic, the only password resetting utility that I have found to work in Vista and Win7 without a hitch is the one packaged with the UBCD disc called Password Renew.

dan
dan

Legitimate Uses: I haved used it to find the password of a deceased individual. The parents "Inherited" the sons fairly new protected pc but could not gain access until I cracked it. I have also used it to test our password strength. It's good up till about 14 characters.

Editor's Picks