"TR members do not assist in password recovery or removal.
Do not respond to this thread.
We, the members of TechRepublic - A Resource for IT Professionals, will not assist anyone in the recovery/removal of lost passwords. You may have a legitimate reason to recover/remove a password. However, we cannot verify your motives and will therefore not assist anyone in what may be an attempt at gaining unauthorized access to a computer system. Due to the open nature of this forum, any assistance given to help circumvent security measures, even for legitimate purposes, would be available for unscrupulous individuals to use for illegitimate purposes. This is a risk that we, the members of TechRepublic, will not take. Please do not ask questions of this nature on TechRepublic.
If you have a legitimate need to circumvent a password scheme, please contact the vendor for the software / hardware and request their assistance. E.g. Windows XP password recovery/removal issues should be taken up with Microsoft's technical support, Phoenix BIOS password recovery/removal issues should be taken up with Phoenix Technologies, hard drive password recovery/removal should be taken up with the manufacturer of the hard drive, etc...
To those viewing this post: Please DO NOT respond any further to this thread.
This template has been released under the GNU public license and you are encouraged to use it as a standard reply for questions of similar nature, provided that you make any modifications available to other users."
Discussion on:
View:
Show:
If this is regarding TR's decision to post the information then I would suggest that it does not apply. The bad guys already know this stuff; it's no benefit to them. This simply gives the good guys who don't already know it a chance to catch up to the infosec nerds and criminals.
If this is regarding the expected inflow of "hep me break password" posts then endorsed fully.
If this is regarding the expected inflow of "hep me break password" posts then endorsed fully.
even gets rid of those nasty Adobe hidden directories and files!! 
Hands down it's the thinnest, fastest, most compatible live system I've found. It also defaults to 'absolute-dictator' level permissions, you are the God of the machine you're running Slax on.
It's the obvious choice probably but it's also the liveCD/USB I usually have handy.
In Windows, I still use ZDNet's Password Pro...I've had if forever
it seems, but it still works quite well. I've still got the old 16 bit
Windows 3.1 version, hehe! On my newer XP and 7 machines
I use the 32 bit version. I don't have a 64 bit system, yet,
so not sure if Password Pro 32 works with those.
it seems, but it still works quite well. I've still got the old 16 bit
Windows 3.1 version, hehe! On my newer XP and 7 machines
I use the 32 bit version. I don't have a 64 bit system, yet,
so not sure if Password Pro 32 works with those.
primarily because that's what we've switched to at work. It makes it easier on my feeble brain cells if use the same tool across the board.
Good article Jack! I have used l0phtcrack for password recovery but I can't afford to upgrade to a newer version so I am looking for alternatives.
To those viewing this post: Please DO NOT respond any further to this thread. (he he)
To those viewing this post: Please DO NOT respond any further to this thread. (he he)
This CD boots linux and will work with most versions of Windows. Created by Peter Nordahl-Hagen.
I actually removed the hard drive and used it as a back-up drive then removed key elements in the file sections which are used to house the password keys. Once they are deleted there is no more password block-out.
I've been doing this trick for a while. I used to install Ubuntu in a flash drive and downloaded chntpw utility. I just install this utility after booting from Ubuntu. Ubuntu in flash drive can also be used to usb-bootable system to recover files in a corrupted windows system.
Nice trick!
Nice trick!
I use a similar tool for resetting of passwords called Trinity rescue kit which uses a linux kernel. I find it quite useful and there is no need to use any command line tools. Just thought that I would share this with you.
So even accounts that are encrypted, once the password is reset/removed, they can still be accessed? I ask as I won't encrypt the account if it is this easy to gain access to everything. I assumed the password was used as part of the encryption key in winxp
I don't think this works with encrypted partitions/accounts. I may be mistaken but I've always assumed the password is part of the hash, and losing it means losing whatever is encrypted.
As pgit suggests, this tool should not work with full disk encryption. It relies on being able to see and mount the Windows partition to see/read/modify applicable files. If you encrypt the hard drive then boot a liveCD it'll report that there is a hard drive physically installed but without any readable partitions detected on it.
You could additionally password protect the BIOS and disable booting from CD and removable media. All three mitigate the risk of someone using a boot tool to reset your password but I say "additionally" because only disk encryption protects against simply popping the drive out and copying the password database to take home and crack.
(edit): Pgit mentions seporate encrypted user accounts. Just for clarity, encryption needs to include your c:\windows directory tree which contains your password database (SAM). It doesn't matter if your indavidual user areas are encrypted since the passwords would be outside of that protection.
You could additionally password protect the BIOS and disable booting from CD and removable media. All three mitigate the risk of someone using a boot tool to reset your password but I say "additionally" because only disk encryption protects against simply popping the drive out and copying the password database to take home and crack.
(edit): Pgit mentions seporate encrypted user accounts. Just for clarity, encryption needs to include your c:\windows directory tree which contains your password database (SAM). It doesn't matter if your indavidual user areas are encrypted since the passwords would be outside of that protection.
I use Ophcrack as my first tool to reset passwords since it simply cracks the password and shows it to you in plain text (chntpw is my fallback method). Getting the existing password and using that (instead of overriding it with chntpw) ensures that files that are encrypted with EFS do not become unreadable.
In my experience, Ophcrack using the 'free' tables that come with the LiveCD has about a 50% chance of cracking passwords -- often within 10 minutes. You can buy larger and more advanced tables that have a higher success rate, and its probably a good idea if you have to do a lot of password cracking/resetting.
I, personally, use a linux distro loaded on a portable HDD with Ophcrack, chntpw, clonezilla, and a lot of other little recovery tools. Its fast (orders of magnitude faster than a flash drive) and versatile.
In my experience, Ophcrack using the 'free' tables that come with the LiveCD has about a 50% chance of cracking passwords -- often within 10 minutes. You can buy larger and more advanced tables that have a higher success rate, and its probably a good idea if you have to do a lot of password cracking/resetting.
I, personally, use a linux distro loaded on a portable HDD with Ophcrack, chntpw, clonezilla, and a lot of other little recovery tools. Its fast (orders of magnitude faster than a flash drive) and versatile.
Everthing works are advertized until#3 Issue the command sudo chntpw SAM, I get back can not find chntpw, what am I missing. I am booting from CD.
thanks in advance
/s/ Frank in Florida
thanks in advance
/s/ Frank in Florida
chntpw is one of the modules in the Slax repositories, I would think
other distributions have it. Might try searching for it using whatever
internet search engine you prefer (Bigpoint, Google, Bing, Ask, etc.)
other distributions have it. Might try searching for it using whatever
internet search engine you prefer (Bigpoint, Google, Bing, Ask, etc.)
Nice article although for the non-computer savvy people like me the Offline NT/2000/XP/Vista/7 Password & Registry Editor which is similar would be easier to use as you don't need to issue commands from the Terminal.
I wonder if these methods will still work on Windows 8.
I wonder if these methods will still work on Windows 8.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
