Our forums are currently in maintenance mode and the ability to post is disabled. We will be back up and running as soon as possible. Thanks for your patience!

General discussion


NT Password Recovery

By michaelh ·
I need some suggestions what how to recover an NT password, most particulary an Administrator password. I've run into a client that has had his password saved upon log in for several years up until it crashed over Labor Day weekend. Now he's dead in the water.

Please advise.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

by sachin In reply to NT Password Recovery

download this utilty

and you are done

Collapse -

by michaelh In reply to

Poster rated this answer.

Collapse -

by dmiles In reply to NT Password Recovery

There are Linux boot disks that have DOS and NTFS filesystem drivers and software that will read the registry and rewrite the password hashes for any account including the Administrators. It is as simply as:

shutdown or turnoff the PC
put the book disk in the PC and reboot
respond to the Linux prompts
the highest barrier is understanding unix media descriptors
select the account whose password hash needs to be rewritten & enter a new password
reboot & access using the new password
This process requires physical access to the console and an available floppy drive.

The following site provides the downloadable boot disk image, image to disk utility, source code, and supporting documentation: Offline NT password utility. This version can disable syskey protect. They do note that turning off syskey under Windows 2000 damages the SAM and is not to be attempted except as a last resort to reinstallation. Watch for updates.

See Analysis of Alleged Vulnerability in Windows 2000 Syskey and the Encrypting File System for Microsoft's perspective.

I have seen the Linux boot disks fail primarily on scsi-based boxes when the boot disk did not have the proper scsi driver or when there was some problem detected in the scsi setup. I have also seen PCs where the Linux boot disk works but the SAM seems to be invisible to Linux (although its in its standard location and later access with NTFSDOS allows it to be copied).

Collapse -

by michaelh In reply to

Poster rated this answer.

Collapse -

by michaelh In reply to NT Password Recovery

This question was closed by the author

Related Discussions

Related Forums