It's common not to get all of the information (such as the administrator password) with a used computer. There are a couple of approaches to taking ownership, but we start by understanding the risks.
My dad bought a computer from a yard sale. The problem is that they forgot to take off the password. I’m logged in as a user, but not an administrator, so I don’t have admin privileges. How do I become an administrator?
This is frightening for many reasons.
But it’s not you who should be scared. We’ll get you into the computer quite easily. It’s the previous owner who should be concerned because it’s clear that they didn’t take a few important steps before giving away their computer.
You still need to tread very, very carefully. I’ll explain why.
The problem for the original owner is simply this: they’ve given (or sold) the computer … and all of the data on it.
How do I know this? Because it still boots into Windows. It’s clear that they did not take the extra step of securely deleting all of the data on the hard drive prior to giving it away. We hear stories all the time of second-hand computers that are sold, or even discarded, only to find that there’s a tremendous amount of sensitive, personal data still on the machine.
They may think that they’ve deleted the files that they care about, but as I’ve discussed in many articles in the past, there are often sensitive remnants in other places, and even deleted data can sometimes be recovered.
… even deleted data can sometimes be recovered.
Do you know what you have?
I mean, do you really know what you have?
How do you know that the machine that you just received isn’t chock-full of malware? For all you know, there are viruses, trojans, and spyware on that machine that are just waiting for you to do something – connect up to your local network, share files with other machines, or log in to your bank account. They’re waiting for the opportunity to propagate, compromise accounts, and just generally cause trouble.
I’m not saying that this is the case.
I am saying that you can’t know that it’s not. You have no idea how safety-smart the previous owner of that computer may or may not have been.
You have no idea what’s on that machine. You don’t know what you have … not really.
So lesson #2 is for you, the person acquiring a second-hand machine by whatever means: reformat and reinstall Windows1 from scratch. It’s the only way to be certain that you know what is – and perhaps more importantly what is not – on that machine.
Getting access to the machine
The right way is simply not to try. Get a Windows install disk – perhaps one even came with the machine – and reformat and reinstall Windows from scratch.
It’s the “right” way for two reasons:
- You’re not even going to try to access or recover the previous owner’s data.
- More importantly, you’re not going to suffer from any infections or malware left behind by the previous owner.
That person didn’t know enough to securely erase their data, so what faith do you have that the machine isn’t loaded with viruses and malware? Reformat and reinstall really is the right thing to do.
People are curious or “adventuresome” (perhaps a synonym for foolhardy?) and want to run or see what’s on the existing hard disk – perhaps (hopefully) before they reformat and reinstall.
As it turns out, it’s very easy to gain access by downloading a password reset tool, burning it to CD, and booting from that CD. I’ve covered it in a previous article: I’ve lost the password to my Windows Administrator account, how do I get it back?
As I’ve also said before, if you have physical access to a machine, then it is not secure. That works in your favor here, as you can quickly reboot into this password-reset tool and reset the administrator password to the machine.
And you’re in.
Just be … sensitive … to the data that you might find there. Know that you may very well be dealing with malware or other security issues that you may not be able to see or recover from.