How do I get the administrative password on Windows 7? I don’t want to reset
it; I just want to learn how to know the password
In this excerpt from
Answercast #91 I look at the (fortunate) impossibility of determining an
encrypted password, and the possibility of resetting it.
Determine administrator password
Well, the short answer is that you can’t. The password is encrypted.
Trying to extract and understand what the password is currently set to requires defeating the encryption. That’s why all of the responses I have to people who have actually lost their administrator password (or somehow lost the ability to login to their Windows machine) actually involves using a tool that resets the Windows password to something that you know.
If you are actually facing a problem in trying to access a machine, and you don’t know the password, you have to reset it to a password that you know.
Password resetting tools
Now, there are tools, one in particular called Ophcrack. I don’t recommend it but it’s important that you know it exists.
What it boils down to is: if you’ve chosen a poor password, it may be able to determine what that password is. The way it does that is by trying pretty much all possible passwords or at least all possible somewhat-common passwords.
We’re talking thousands, and thousands, and thousands of passwords- perhaps even millions of passwords that its able to try. It does take some time to do that!
Can’t crack a good password
I will tell you that I tried the program some time ago just to see if it could crack my password – and my password, while it’s not great… it’s good. And it was unable to crack my password.
That’s the tool that hackers typically will point at to say, “You know what? If you want to get into a machine, if you want to discover a password, that’s the tool to use.”
I use that as an example because even that tool will fail if you choose an appropriately complex and non-obvious password. So make sure you’re doing that, in general, when you’re setting up passwords.
If that’s the kind of password that’s on a machine then I know of no way to determine what the password is; only how to reset it to something specific.
(Transcript lightly edited for readability.)
Next from Answercast 91- Do I need a firewall for my Android device?
6 comments on “How do I determine, not reset, the Windows administrator password?”
I’ve used a Linux program that just replaces the password with a bland one. I used Ophcrack once and while it worked it took a couple of days to break the password. I’m just too impatient to wait that wrong.
I never had any problem logging into any of the systems that I hacked that way EXCEPT, and this is an important exception, when the computer had been on an active domain. In that case the Linux method does not work, at least in my experience.
I personally think that the most common reason someone would want to determine the account password without resetting it, would be to crack into someone else’s account. Otherwise, resetting should be a workable solution.
Resetting is the way to go. If the user forgot the password the 1st time, they will probably do forget it again.
Use HBCD to reset it
I thought Ask Leo ignored these questions about cracking passwords. A password reset will make any encrypted file unreadable, i heard it somewhere, maybe here, years ago.
There’s also this: http://pogostick.net/~pnh/ntpasswd/. But of course It’s still a reset.
Like the man says, there’s no way to crack a one-way encrypted password other than brute force.
As Mark J mentioned, this questioner must have an underhanded motive. My guess is a teenager wanting to bypass their parents’ rules and restrictions.