Discussion on:

Five trustworthy password recovery tools

Nice collection of (potentially) useful tools.

How come no mention of the tools at www.nirsoft.net?

Keyfinder at http://www.magicaljellybean.com/ has helped me a lot.

Nirsoft has helped a lot with my IT job. I use the MailPass program like twice a week. Customers keep telling me they don't have an e-mail password.... lol. Another program I use is "Reset Windows Password - from Passcape", it is a live CD that can reset and view current windows/domain passwords (not free). I tested this little gem from XP to W2008 and it came through each time. I almost use this CD as much I use my discs to install/repair customer operating systems, about 60% of my customers don't give me their windows password when they bring their pc for repairs.

Thanks for the info. I agree with the comments about Nir Sofer's tools although I have to carry them on a usb stick with write protection as any good av program detects several of them as dangerous, which they are of course if not used for support.
One free windows password recovery utility I've used successfully in the past, when the user had forgotten their admin login and naturally no password reset disk, is 'Offline Password & Registry Editor' (http://pogostick.net/~pnh/ntpasswd/) - Free boot disk or usb key.
****Please note that this one removes the password so if there are any encrypted (EFS) files they will be inaccessible after resetting the password*** - I wonder if the password reset tools above can deal with efs?

I along with the rest of the Department of Defense have apparently been living in a fool's paradise. I thought our passwords were secure against hacking. Now to see that not only are they not secure, but that people are giving away tools to break them is not only discouraging but disconserting,

Now that's just funny! I know some guys who work in IT security for DoD, and they are very nicely paranoid!

They have had us increase password complexity to an extent that they are having to reset or unlock people's passwords daily. (Because no one can remember them.) In addition, They require frequent rotation of passwords with no similarity to the previous one. But it seems to me that with software to break passwords, no password can be truly secure, as long as the password uses characters that a computer can simulate. So what is the answer? biometrics? But in order for the computer to respond to biometrics the input must convertible to 1s and 0s which again can be hacked by any program sufficiently advanced.

Ntpasswd deserves an honorable mention -- it's one of the classic tools for resetting/blanking windows passwords (if cracking it is too much trouble) and it will go right into the SAM hive and rewrite the password to any local account. The only caveat is that if you reset a password where the user account has folders that are encrypted with bitlocker then you will lose the encrypted stuff. That said, most PCs don't use bitlocker as it must usually be manually implemented.

If these can recover multiple passwords from a store, then you could suddenly have access to a lot of other people's accounts.

Even an admin is technically not supposed to be able to do this.

Still, I can see the need for this sort of capability in a pinch.

So that returns us to the larger questions of data security, such as: level of exposure to networks, encryption, security of backups, and more generally, the problem of criminality in society.

Yes, these are the nice software but few features are always to be considered while choosing a best one.
* It must consist of 'Brute-Force Attack' and 'Dictionary Attack' Techniques.
* Must be Compatible with Windows 7, Vista, 2003, XP or 2000 operating system.
* Should provide a 100% guaranteed recovery and allows you save password in .txt format for future references.

A little off topicbut I've been looking everywhere for a WORKING zip/rar cracker. I pu a pw on azip file of mine from about 8 years ago, damned if I know it now.