I recently helped a client recover his forgotten Windows password by using a couple of different tools. We eventually were able to reset the Administrator password to a blank password so that he could log into Windows. It was a fairly long and complicated process, but it worked. Unfortunately, there is no “one” way to reset a Windows password and depending on what version of Windows you are running, you might have to try different methods.
In the end, there is also no real guarantee that you’ll be able to crack the password. There are already so many articles written on how to recover or reset a password that I’m not going to reinvent the wheel, but instead will guide you to the best online resources that I have used to crack my Windows password.
1. Ophcrack Live CD – My favorite way to blank out or crack a Windows password is to use a Linux Live CD. These are special distributions of Linux that run directly from the CD (no installation required) and are specially designed for cracking Windows passwords. You can read the documentation to learn how to use it.
Simply burn the ISO and boot using the CD and the program will get right to work. It may not work, however, on very complicated passwords because it actually tries to determine the password rather than reset it. My buddy over at the How-To Geek site has a great tutorial on using Ophcrack.
Also, Ophcrack uses password tables to brute force crack the user passwords. You can download their free tables, but that won’t crack long passwords. For those cases, you can purchase larger password tables that range from $100 to $1000.
2. Offline NT Password and Registry Editor – This is a very small program, only 3 MB in size, that you can burn to a CD and boot to. It’ll auto-detect the Windows installation and the account names (that is, if everything was installed in the default Windows directories). Using this program you can reset or blank out a Windows password, which means it doesn’t matter how long or complicated it is.
The program was recently updated after four years and now supports cracking passwords all the way up to Windows 8. It’s a bit hard to use, but About.com has a great screenshot guide that walks you through the entire process, so be sure to check that out.
3. Login Recovery – Login Recovery is a web site that has a program that you can download onto either a floppy disk or a CD that you then use to boot up with. If the PC is connected to the Internet, it will automatically upload the encrypted data to their servers and begin the process of trying to recover the passwords. If you don’t have an Internet connection, it will generate a file, which you then manually upload to their site.
I have tried this site and it did not work for my password, which was 11 characters and mostly symbols, numbers, and letters. However, if the password is something simpler, they will probably be able to crack it.
4. John The Ripper – Another free password cracker that works on Windows, Linux and Macs, so it’s useful for any Mac or Linux user who wants to recover a password. Pretty easy to use and comes with good instructions, so most people can follow along. If you want a step-by-step guide on using John the Ripper, check out this article from 101Hacker.com.
5. Knoppix STD – G4TV has a good article on another Linux distro you can download and use to crack your Windows password. Follow the detailed instructions he gives and if the password is not too long or difficult, it should be able to crack it!
As you can tell, the best way to crack a Windows password is to use Linux! It might be a little too techie for some people, but it’s definitely worth it if you want to avoid having to re-install Windows and lose all of your data! Any questions, post a comment!