How to gain access to your Windows account if you lose your password

Monday, 7 April 2014



Bypass Windows security with the hidden administrator account



If you're using a single account, it's surprisingly easy to lock yourself out of your own computer by losing your password. Luckily, its just as easy to get back in again without leaving a trace – so long as you haven't misplaced your Windows Installation DVD. Here's how.
In terms of PC disasters, few problems are quite as notorious at ruining your day like losing your Windows password. When password hints prove to be flimsier than expected and there's a distinct lack of any alternative user accounts, trying to log in to your PC often degenerates into a frustrating exercise of trial and error – while typically never exceeding the latter part. More often than not, common approaches to this problem tend to be fairly elaborate and usually involve creating boot disks with password bypass tools or an independent Linux OS. If your Windows Installation DVD is within reach however, or if you are using Windows XP, there's no need to bother with any of that. Here's how to infiltrate Windows' defences and reset your password without third party tools.


Resetting passwords in Windows XP

The easiest way to regain control of your system makes use of the hidden Windows administrator account, which conveniently comes unprotected. With its help, you can make sweeping changes to your system and override most of your previous settings, including user passwords. Though it is disabled by default for security reasons, getting access hardly poses a problem in Windows XP (excluding the Pro version). Here's how you do it:
1. Restart Windows in safe mode. To do so, reboot your PC and tap F8 a couple of times right after the BIOS initialization screen has passed. If you are unsure when that is exactly, you can also employ the advanced technique of tapping it continuously and in quick succession throughout the whole booting process.
2. This will bring you into the Windows boot menu. Choose the option “Safe Mode with Command Prompt”.
3. Ideally, you should be offered an “Administrator” user account in the login-screen by default. If not, try hitting Ctrl + Alt + Del twice to bring up a user name prompt, type in “Administrator” without a password and hit enter.
4. Inside of the Windows safe mode UI, you should now see a command prompt. Enter to line "net user" to get an overview of all active accounts on your system. Note down the name of the user account that you lost access to, and use it in the commandnet user [username] [password]to assign a new password to it. This could look like this: “net user Martin 123456”.
5. Restart your PC and log into your account with your new password.

Resetting passwords in Windows Vista, 7 and 8

Just like in Windows XP, you can gain circumvent Windows' security measures with a hidden administrator account. Unlike Windows XP however, Microsoft has since fixed its rather blatant vulnerablility in safe mode, so that the administrator account can't be reached quite as easily any more. This is where the Windows Installation DVD comes into play (make sure that it isn't simply a Recovery DVD, as that won't suffice). With it, you can navigate to the administrator account without ever setting foot into Windows itself. Note that this method unfortunately requires modifying the registry and can thus be rather intimidating at first. If you follow our instructions carefully however, you should be on good terms with Windows again in no time. 

  • 1 .Start your PC with the bootable Installation DVD of Windows. If you have not already done so, make sure to adjust your boot priorities in the BIOS, so that your CD/DVD/Blu-Ray drive has priority over your hard drive.
  • 2. In the first menu, select your installation language and click on “Next”. In the following window, click on “Repair your computer”.
  • 3. The set-up assistant will now search for Windows installations and list them up. Choose the one that applies to you and proceed to the next window. Continue by clicking on “Command Prompt” continue to the more in-depth part.
  • 4. Enter “regedit” into the prompt and hit enter. This will open the Registry Editor, which isn't yet connected to the registry of your installed version of Windows. To remedy that, select “HKEY_LOCAL_MACHINE” on the left, and navigate over “File” > “Load Hive”. Enter the line “%windir%\system32\config\sam“ into the field “File path“ and click on “Open” to load the user and password information manager of Windows (alternatively, you can also manually browser to your Windows folder and select the SAM file). The Registry Editor will then demand a name for the new hive, which can be anything you like. Just make sure to remember it for the following step.
  • 5. Head to “HKEY_LOCAL_MACHINE > [Your new hive] > SAM > Domains > Account > Users > 000001F4”. Turn your attention to the right panel, where you will find an entry simply called “F”. This is where we will activate the administrator account for Windows. Double-click it to summon an hexadecimal editor with a bunch of neatly arranged numbers.


  • 6. Look for the line that starts with “0038” on the left side. Directly next to it (to the right), you will find the value “11”. Double-click it and overwrite it with “10” to activate the administrator account. Be advised that it's important not to change anything else, as Windows might be rendered inoperable otherwise. Don't worry - if something does go awry, just click on “Cancel” and try again. Otherwise, click on “OK”.
    7. Close the registry editor and the command prompt and reboot your PC without the Installation DVD. If everything has worked, you will now find a new administrator account to log in to in the welcoming screen.
    From here on out, unlocking your own user account is a breeze. Log in to the admistrator account, summon your command prompt up again by clicking on the Windows-Symbol in the bottom right corner of the screen and search for “cmd”. Right-click the tool in the search results and select “Run as Administrator”. Enter the command
    net user [your account name] [your new password]

    Tip: It is advisable disable to administrator account again after it has fulfilled its purpose, as its unprotected, yet powerful nature can pose a serious security risk. To do so, log into your own account, open the command prompt with administrative rights again, and enter
    net user administrator /active:no
    Alternatively, you may hold on to it, but equip it with a password by entering
    net user administrator [password]
    In either case, restart you computer for the changes to take effect.

    Copyright @ 2014-16 Latest Tech Tricks Everyone Should Know | Imhacker. Designed by Imhacker

    Total Pageviews

    About Imhacker

    Follow us on Facebook