|Home │ Part: 1 │ 2 │ 3 │ 4 │ 5 │ 6 │ 7 │ 8 │|
Administrator Password in Windows XP: how to reset it if you forget (Part 9)
Other methods, not recommended methods and Summary
Topics on this page:
Methods to reset the Administrator or administrative user password (continued from Part 7) Other methods
 Not recommended and ineffective methods
Methods to reset the Administrator or administrative user password
(continued from Part 8)
I may test the others in due course but you have enough tools to do the job for now and shouldn't need any more. For the moment consult their websites for information. Some of them do more than just cracking passwords.
John the Ripper is primarily for detecting weak Unix passwords but also works in Windows and requires another tool to extract the password hash before it attempts to crack it. Therefore it doesn't appear to be the easiest tool to use.
O&O BlueCon XXL (v. 5.0.174) is another commercial software (the same company also produces the defrag tool) with system and password recovery functions from a boot disk.
NTAccess 1.5, another commercial tool.
@stake LC 5: three versions are offered.
8. Not recommend or ineffective methods
This is another method published elsewhere. If you do this, you lose all the accounts and data files including those of the Administrator.
You can re-logon to Windows XP afterwards (as a new SAM is re-created). When you delete an account from Windows XP, all the personal data in My Documents will be deleted. Even if you re-create the account with the same username, the files won't re-appear and in any case the new account will have a completely different security identifier (SID).
In case you desperately want to do this, delete the %systemroot%\system32\config\SAM in DOS (for FAT/FAT32 partitions), the Recovery Console or from another Windows XP installation. But you have been warned of the theoretical consequences (theoretical because I can't be bothered to try this out myself).
I include it here for the record. Instructions can be found on the internet (see Reference) and in at least one book. It seems to apply to Windows NT and 2000 only. When I tried it in Windows XP I got a message saying:
SYSTEM ERROR 5 has occurred.
Access is denied
when using the net user administrator [new password] command in the hacked command prompt masquerading as logon.scr and the same when trying to use lusrmgr.msc (Local Users and Group snap-in) to change the Administrator or any account password.
The error seems to be due to non-administrative privilege when using the net user command as a service in cmd (as documented in KB 256299). Perhaps it used to work before (I've not tried it in previous versions) when it had administrative privileges but in Windows XP (or with the subsequent hotfixes) this is no longer the case for security reasons. You should be able to do it via a normal command prompt.
I will not repeat the steps here (see References). I tried hack the logon.scr using the Recovery Console and from another Windows XP installation. The hacking attempts succeeded but it just didn't work. I also tried using command.com instead of cmd.exe and no command prompt appeared.
The screenshots show what happened. First, the original Windows XP logon screensaver before anything was changed (fig. 1).
Fig. 1. Original Windows XP Professional logon.scr
The hacked logon screensaver, full screen capture (fig. 2).
Fig. 2. Hacked logon.scr
Net user command came up with Access denied error (fig. 3). The same occurred in Safe Mode (not shown).
Fig. 3. System error 5 error message.
Although Local Users and Groups could be started from logon.scr, it again came up with the "Access is denied" error message (fig. 4).
Fig. 4. Access is denied error.
There is no easy way to elevate the privilege to Administrator without logging onto Windows. Changing the user permission of logon.scr, cmd.exe and command.com to Full control using the cacls command there and then had no effect. Try it yourself and if you can figure it out somehow, do please tell me.
8.3. Ineffective method for the Administrator account and unnecessary for other administrative accounts: Safe Mode with command prompt
Forget about this one straight away; skip reading it if you wish. For the uninitiated it sounds very professional. Instructions can be found circulating on the internet and get passed on like folklore without scrutiny. I won't even provide the links in order not to waste your time.
It might work with other administrative user accounts but certainly not the Administrator account. Try it yourself. The reason is plain obvious. Refer to section 4.3 in Part 2 for the effective methods.
This series of tutorials have shown you how to create a Password Reset Disk in Windows XP and how to use it to recover your password. This is the built-in method in Windows XP and is the most reliable for the success of password resetting and keeping your data. Make the floppy disk and practise with it now and you'll save yourself a lot of trouble later.
If you don't do this you'll need to use one of the other available methods. There is no clear winner for the advanced user whom the tools are really aimed at. In a real situation you will probably want to try whichever is the easiest to get hold of or limited by expense or one after the other until you succeed.
The Linux boot disks are of course free and there is not much difference among them. They are not difficult to use but can come up with errors and thus could be unreliable in some situations. Having said that they all worked for me in the English US version of Windows XP Professional. Whether you choose one or the other might depend on your level of skill, personal preference (floppy or CD) and the other tools that come with each distribution (which I've not evaluated).
For the commercial tools the text-mode or GUI tools are somewhat easier for the beginner but expensive. ERD Commander is the easiest to use because of its Windows like GUI in DOS; it is also available as an emergency download and thus have my recommendation if you cannot use Linux methods.
Other inappropriate or ineffective methods have also been reviewed and the reasons for their dismissal explained so you can now forget about them. If you know of another method, or have tried any or have any comments to make from these pages you can drop me a line (link in the home page).
Go to TOP
Arranged with Microsoft articles first but otherwise not in any order.
KB 258289 Windows 2000 Logon Passwords
KB 256299 "Access Denied" Error Message When Trying to Start a Service in Windows 2000
KB 305478 How to create and use a password reset disk for a computer that is not a domain member in Windows XP
KB 308402 'The Password Is Not Valid' Error Message Appears When You Log On to Recovery Console in Windows XP
KB 315341 How to Perform an In-Place Upgrade (Reinstallation) of Windows XP
KB 321305 How to log on to Windows XP if you forget your password or your password expires
Windows XP Professional Resource Kit Documentation: Troubleshooting Startup
Windows XP Power Tools. Jim Boyce, 2002, Sybex, Alameda.
Copyright � 2003-2004 by Kilian. All my articles including graphics are provided "as is" without warranties of any kind. I hereby disclaim all warranties with regard to the information provided. In no event shall I be liable for any damage of any kind whatsoever resulting from the information. The articles are provided in good faith and after some degree of verification but they may contain technical or typographical errors. Links to other web resources may be changed at any time and are beyond the control of the author. Articles may be added, removed, edited or improved at any time. No support is provided by the author.
This is not an official support page for any products mentioned. All the products mentioned are trademarks of their companies.
Created 2 Mar 2004; last updated 23 June 2006