Here be dragons. Maybe.
This is frightening for many reasons.
It’s not you who should be scared. We’ll probably be able to get you into the computer. It’s the previous owner who should be concerned; it’s clear they didn’t take a few important steps before selling their computer.
You still need to tread very carefully. I’ll explain why.
Become a Patron of Ask Leo! and go ad-free!
Gaining access to a second-hand computer
- You may be giving away personal information when giving away a computer.
- You risk exposing yourself to malware or worse when accessing data from a second-hand computer.
- The safest solution is to reformat and reinstall, not even trying to access existing hard disk contents.
- If you must, try a password-reset tool.
- Alternately, remove the hard drive and connect it to a different computer as a secondary drive.
Seller beware
The problem for the original owner is this: they’ve given away or sold the computer … and all of the data on it.
How do I know this? Because it still boots into Windows. It’s clear they did not take the extra step to securely delete all of the data on the hard drive. We hear stories all the time of second-hand computers that are sold or discarded with sensitive personal data still on the machine.
They may think they’ve deleted the files they care about, but as I’ve discussed in many articles in the past, there are often sensitive remnants in other places, and even deleted data can sometimes be recovered.
So lesson #1 is for whoever sold the computer in the first place: securely erase your data, or you run the risk of the computer’s new owner having access to all of it.
Buyer beware
Do you know what you have?
I mean, do you really know what you have?
How do you know the machine you just received isn’t chock-full of malware?
For all you know, there are viruses, trojans, spyware, ransomware, and more on that machine, just waiting for you to do something: connect to your local network, share files with other machines, or log in to your bank account. They’re waiting for the opportunity to propagate, compromise, destroy, and generally cause havoc.
I’m not saying this is the case; I am saying you can’t know that it’s not.
You have no idea how safety-smart the previous owner of that computer may or may not have been. You have no idea what’s on that machine.
You have no idea what you have … not really.
The right solution
So lesson #2 is for you, the person acquiring a second-hand machine by whatever means.
The right thing to do is to ignore anything on the hard disk, get a Windows install disk, and reformat and reinstall Windows from scratch. It’s the only way to be certain you know what is — and perhaps more importantly, what is not — on the machine.1
It’s the “right” way for two reasons:
- You’re not even going to try to access or recover the previous owner’s data.
- You’re not going to suffer from any infections or malware left behind by the previous owner.
That fact that the previous owner didn’t know enough to securely erase their data doesn’t bode well for their security habits.
Getting access anyway
I know, I know, sometimes people are curious or “adventuresome” (perhaps a synonym for foolhardy?) and want to see what’s on the existing hard disk.
Fair enough. There are two approaches.
- It may be possible to gain access by downloading a password reset tool and booting from it. I’ve covered this in: I’ve Lost the Password to My Windows Administrator Account, How Do I Get It Back? While this approach doesn’t always work, when it does, you simply set the administrator password and reboot into the installed operating system. You’re in.
- Remove the existing hard drive, place it in an external enclosure, and connect that to a different PC. This will at least let you examine the hard drive’s contents.
As I’ve also said before, if you have physical access to a machine, then it is not secure. Here, that works in your favor.
Just be sensitive to the data that you might find — and know you may be dealing with malware or other security issues you may not be able to see or recover from.
Do this:
Subscribe to Confident Computing! More confidence & less frustration -- solutions, answers, & tips -- in your inbox every week.
I'll see you there!
Podcast audio
Video Narration
Footnotes & References
1: And yes, this may require you purchase a new license for Windows. It is generally against the terms of the Windows license agreement to transfer it to someone else. Particularly if the machine didn’t come with installation media or a product key, installing your own new copy of Windows — or any other operating system — is the only legal course.
Re: ‘I shut down the PC, turned off all power and waited about 40 minutes for the capacitors to discharge then removed the battery.’
That process has no effect on the OS password for the admin account. The OS password is data written on the disk. It is not a CMOS/BIOS issue to be addressed by defeating the CMOS/BIOS password (what the process above is doing).
intresting….they all do work…but not in all cases…so give this a try:
.1.google..and searche for ophcrack live cd..burn it…and log in to it..and just exit…while exiting…all admin passwords and names will pop out 😉 very easy and no swette.
.2. that is a bit tricky…but nice..but also require some command knowleges..so what to do:…while ur in the user(not admin)…locate the screen saver path and copy there the cmd.exe (command promp) and set it up!!!! well its not that simple but u can make it…
after that reboot…and dnt loggin just wait for the screen saver(replaced by command prompt)..and start surfing with admin priv…..
gd luck..;)
Remember, that once the computer is yours, any information on it is yours now, too. Any information. Including all that child porn which the previous owner had downloaded. Something to think about when those nice friendly FBI agents come bashing in your door wearing bulletproof vests and carrying assault rifles in a no-knock raid at 5:00 in the morning…
Hey! Maybe reformatting that drive and reinstalling from scratch isn’t such a bad idea after all!!!
I must reply to my own post:
You can avoid those nice friendly FBI agents who come bashing in your door wearing bulletproof vests and carrying assault rifles in a no-knock raid at 5:00 in the morning, if — when you see all that child-porn — you turn the computer over to the FBI yourself.
Yes, that means you lose your newly acquired computer. No, if it’s full of child-porn, you don’t want it anyway (unless, of course, you are of a like mind with the previous owner… in which case, I hope you DO get nice friendly FBI agents coming bashing in your door wearing bulletproof vests and carrying assault rifles in a no-knock raid at 5:00 in the morning).
With luck, you’ll be a hero for helping to take down a REALLY bad dude, and with even BETTER luck, the FBI might just even RETURN the computer to you once they’ve finished with it!
As I mentioned in an earlier comment, the problem with that is, the files may be hidden somewhere, possible in a system folder where you would not think to look. The safest thing is DBAN or at the very least, a system reinstallation which overwrites everything. The problem with a system reinstallation is that illegal material may still be on the drive unindexed and recoverable by programs like Recuva.
The “right way” is the safest way – I mean what would you do if the PC had a key logger or FBI-arrest-and-jail-you-forever porn still on it? During a “right way” reinstall you will probably need the Windows Product Key – if there’s no Genuine Label on the PC (its on the case, right?) then run Produkey or Magical Jelly Bean to get the in-use key for the re-installation. Good Luck and buy your boyfriend a beer to do the installation!
Now that we’ve said that you can skip a lot of trouble by doing a “right way” disk wipe and then installing Knoppix on your laptop (which is free of legal encumbrances and has lots of the newest drivers) and is much faster on startup. Or use an Ubuntu Live CD if its a plain pc! Yay Free Software!
I’ve used the Magic Jelly Bean Key Finder method and then a clean install. That’s the cleanest method. Using a computer that’s been running for a few years is bound to run slower than a freshly installed system.
On the other hand, it’s possible that the computer you bought has other useful software that you might lose with a fresh install (the Jelly Bean also gives you the MS Office S/N).
One thing that works on 95% of older XP systems: At the log-in window his ctr-alt-del twice. A log in dialog will come up instead of log-in icons. Enter Administrator as the user name with no password. Ive gotten into dozens of computers that way. Vista and XP SP2 and above fixed this bug.
System rescue CD from http://www.distrowatch.com has a utility to change windoz passwords…most live Linux distros will give you access to the windoz drive…
I am a tech and this doesn’t sound right to me. Are sure you are not talking about getting past the BIOS administrator password?
I would just reinstall the OS. Look on the COA sticker and find the product key. Then you can use any installation disc of the same OS and same edition (e.g. Home premium) to install and activate with that key.
If it is a Windows 7 key, you can get the .iso from here:
http://www.mydigitallife.info/official-windows-7-sp1-iso-from-digital-river/
You don’t necessarily need the exact same edition. I had a key but not the install disc. I started installing XP Professional. During the install it asked for the key. After inputing the key, I ended up with an install of XP Media Center Edition.
I have an article on that: http://ask-leo.com/i_dont_have_installation_media_for_windows_what_if_i_need_it.html
I tried the ctl alt delete no password and still can’t get in. this is my own computer I have used for years. i believe I was hacked. I cut off my Internet due to receiving hundreds of emails daily mostly of naked women which led back to a dating site. my resume is on the computer and Im out of work and a divorce cleaned me out. anybodys help appreciated. I can get to safe mode and to to the screen showing the Administrator and one other account. forgot the passwords. I think someone was accessing my info and took over administrator role.
The article listed in the “Read more:” section will help: I’ve lost the password to my Windows Administrator account, how do I get it back?
my mom gave me her old computer. but she got it from her x lover. and she does not know the password
for administrative, stuff. i am cmputer stupid. please help. if i have to earase everything I do not care. oh yah its a Mac oxs model number POwer Mac M8493 100
Hello there! i bought a new router and it came with a “easy to install” setup with a disk. i go to put in the disk and it ask for administrator password which only my step-mother knows. She won’t put in the password, nor tell me so i can install the new router. (she believes its going to have have viruses and such on the disk)Although i showed her its directly from the company. Is there any way i could bypass the Administrator password so i could install this disk to get this router all setup without resetting the computer to factory defaults?
The first article in the ‘Read more:’ list explains how to do that. In your case, there might a problem with that solution. You’d get admin access, but only by changing the password. That probably wouldn’t make your stepmother very happy.
https://askleo.com/ive_lost_the_password_to_my_windows_administrator_account_how_do_i_get_it_back/
One way, as LEO strongly urges, is to just REINSTALL Windows – but what if Windows has been UPGRADED and the COA is only buried in the Windows operating system?
What if the COA label wore off the bottom of the laptop?
Step one is to SCAN the drive using a free Antivirus Rescue CD or the free Microsoft Windows Defender Offline for USB – just choose 32 bit or 64 bit.
Once installed, boot to the CD or USB stick.
I did that, then pulled the drive and connected it to a working PC just to run a little tool WRR that only gives up the Windows COA and no personal info, no passwords.
Once again the unknown system does not need to be booted.
Hard drive now free to be filled with zeros 24x over.
Hello,
Can a computer store take the adminstrative account off from the laptop????
Sure, I would expect so.
l bought a second hand pc,and now it is asking me the admistration password.l do not hav acess to windows .how can l remove it and reboot my computer
Leo warns of the dangers, but if you are willing to take the risk, this article explains how:
https://askleo.com/ive_lost_the_password_to_my_windows_administrator_account_how_do_i_get_it_back/
Password reset tools will not work on Windows 10 computers.
If you have WIndows 10, and are using a Microsoft (hotmail, outlook.com, MSN.com or live.com) account to log in, you can reset the password by resetting your Microsoft account password.
But you will not be able to use any of the password reset tools mentioned in this article.
Windows 10 computers, or computers running UEFI? They’re not the same.
I still haven’t seen an answer to the CMOS/BIOS admin password vs the “windows” admin password in the OS. I just bought a 2nd hand “refurbished” laptop (Dell e5400 64 bit win 7 pro) on Ebay that has the BIOS locked out with that CMOS administrator password. How can I reinstall Windows if I can’t even change the boot order to boot from CD? Even if I were to be able to F2 or F12 (boot to dvd) during the process, the BIOS admin would still be password protected. I flashed the BIOS, no go. I tried the dogbert algorithm thing but entering a bad password 3 times doesn’t give me a hash code to use so nothing to plug into Python. Do I just dig into it and solder in a new preprogrammed BIOS chip ($20 on ebay but ….)? If I’m opening it up already to remove / unplug the cmos battery I might as well. This seems drastic. Dell support doesn’t seem to want to help since I’m not the original owner and I don’t know who was. Help!
First, the BIOS password is completely unrelated to Windows. COMPLETELY unrelated.
Second, only Dell can help you. If a BIOS has a password, then it has a password. Either you need to live with how its configured (which you obviously cannot), or Dell or someone has to tell you how to bypass the password – which completely negates the value of the protection that the password provides. In some cases there are hardware reset switched, but again, this is something specific to the machine and only Dell can help. You may get lucky if you search for your specific model number and “BIOS password reset”, but there are no guarantees.
I and my boyfriend have split up. I payed for the computer and he let me have it. the problem is he signed in as administrator. I know what’s on the computer including my pictures. is there any simpler way to get password or do I need to do what you said?
Ask him for the password?
What if the computer has something illegal (like illegally downloaded songs or perverted pedo pix)? Is there a way to tell or take it off?
Can they tell when it was done, or do I get blamed? What’s the law say? Better yet; is there a way to just reset everything?
Not being lawyers, we don’t have an information as to the legality. You’d need to consult a lawyer about that, but as the article recommends, the safest thing is to wipe the drive and start from scratch. If the computer was used for illegal activity, there’s always the possibility the previous owners would have hidden the files in a difficult to find folder, so a simple inspection might not reveal it. If you don’t have a licensed version of Windows to use, Linux Mint is great for reviving older machines.
Yes: reformat the hard disk, erase EVERYTHING, and install Windows from scratch – as the article advises.
You might want to consult an attorney on that question. My own understanding (but note that IANAL!) is that when personal property changes hands, the transferee gains all rights — AND all liabilities — associated with that property. Ouch!
Hi, I bought a computer at auction for a good price and I’m selling it on for profit. It has a password (which I don’t have), runs windows 7 ultimate. i don’t want access to their files, will I be able to download to download a USB flash drive to create windows 10 from my laptop and use it on the computer I bought without logging on to it?
No. You can’t download an operating system from one computer and use it on the other. They only way to safely do what you are suggesting is to completely wipe the hard drive from the computer, and then purchase a new operating system for the one you are going to sell. Anything else probably won’t work, and would be against the operating system legal agreements as well.
This article has some extra information for you: https://askleo.com/how-can-i-securely-delete-everything-except-the-operating-system/
Windows can’t be successfully copied from one computer to another.
https://askleo.com/can_i_restore_an_image_backup_of_one_computer_onto _another_and_have_it_work/
It’s not difficult to get administrative access to that computer. It’s very risky. The following article explains why and warns against doing so. That being said, the article you are commenting on has a link to another article on how to reset the password and gain access to the machine.
The method described in this article won’t return the computer to factory state, it will open the computer with all of the installed programs and data installed. You’d have to manually delete any user data and uninstall any programs you don’t want. I’d also run a few antimalware scans as there might be malware on the computer.
But how do I get on to the laptop when I am unable to bypass the current login page? I can’t get in to clear anything off. Thank you
If you follow the instructions in the article, specifically following this link I’ve Lost the Password to My Windows Administrator Account. How Do I Get it Back?,you will be booting into Linux, not Windows and you will not get the login page. But as Leo also said, you would be inheriting all of the problems, including possible malware, or possibly worse, illegal material from the previous owner. The safest bet is reinstall Windows from scratch using a DVD or bootable USB flash drive.
If the BIOS is password protected, it becomes more complicated.
I forgot my BIOS password, how do I get into my machine?
How do I remove a BIOS password?
The BEST way to clear anything off is to clear EVERYTHING off by installing a clean copy of Windows from scratch. You’d boot from the installation media.
I don’t understand a lot of what is being said, but I bought a used computer from someone on offer up who first said his name was Ben then Jerry when I met him, he sold me the computer and my bf who knows nothing about computers tried putting windows on it free from a download he found online, I don’t believe it was really ever activated because last time I used it I wanted windows 10 so we went and bought it, installed it but it wouldn’t activate without an admin key. It says it’s running Windows 10 pro but it also says windows not activated. When I got to control panel it says it’s part of a workgroup. Idk what to do because if it’s stollen won’t they not return it to me if I take it to get fixed and I’m out the $500? I have been using it all this time with my email and everything in some workgroup under an admin …ugh…why I tried to activate windows 10 that I thought my bf had already installed successfully is because I went to do the tutorial for speech recognition and it wouldn’t show up. How do I just wipe everything and start fresh ? Can I just get a new hard drive? How do I make sure I am safe ? Why are computers so confusing?
You simply need to reinstall Windows from scratch. You may need to purchase a copy so that you have a valid license key of your own.
Ty for your reply….but we did buy windows at the store, windows 10 home/pro, he installed it, but it did not ask for the new license key he assumed it was working and gave it to me to use. Later on, like two weeks later, I was on it and asked him to help me with the speech recognition and it was then he noticed it said windows not activated. He tried activating it with the new key it didn’t work and so he tried a bunch of things he doesn’t remember, including downloading something from a forum that claimed to help a bunch of people as soon as he downloaded it he got the blue screen of death, which somehow he got out of. but the result is nothing is working. The desktop image is changed to this message: encrypted by gandorab 5.0.4 dear user your files are under strong protection by our software in order to restore you must buy decryptor. (He just told me that part, wow) start rarely works …….what do I do? All my stuff that is on the computer is now at risk? Should I get a new hard drive? Even before he downloaded whatever the hell this is it still wouldn’t accept the new license key….ty so much for the help, I need computer lessons…
That “message: encrypted by gandcrab 5.0.4 ” message sounds like the computer has been infected with ransomware. The only way to recover from ransomware is to restore from a backup taken before the computer was infected. A fresh install of Windows and all of your programs would also remove the malware but you’d need a backup to be able to recover your data. This is just a guess but it might be that the program you downloaded to activate Windows was a Trojan horse which installed the Gandcrab ransomware.
How Do I Decrypt Files Encrypted by Ransomware?
Recovering from Ransomware with an Online Backup
I bought a new hard drive and I still have the copy of windows I purchased from the store….I can’t seem to access my email that was attached to the computer. When I try to access from my phone using data and the browser it says it’s no longer private, using the app it just keeps timing out right after I type in my password. My wifi is not working and the Xfinity account is linked to that email and I am really hoping some of this is just coincidence. So now that I have a new hard drive and the purchased copy of windows, I should be all set as far as the computer right? I’m really hoping to get more answers on the email thing, I just messaged microsoft…
I just saw your video on this subject.
I didn’t read ALL the comments (just too many), so if some else suggested this, forgive me.
A very safe way to see what’s on the drive is, as you suggested, put the drive in a separate enclosure and connect it to a Linux machine. I’ve done this many times to recover someones files for them. No fear of malware or a virus. Of course then I reformat the drive to Linux (Mint is my favorite) .
The object of this article was to show how to gain access to a second-hand machine. In a case like that, you would have no interest in the data on the machine. If you want to install Linux or a new copy of Windows on it, you could do it directly from bootable media as long as the BIOS isn’t password protected and Safe Boot isn’t on.
Things have improved since Windows 10 has come out. If a licensed version of Windows 7, 8, or 10 had been installed on that computer, when installing Windows 10 on it from scratch, it will automatically be activated upon installation. You can get the latest versions of Windows directly from Microsoft and create installation media.
Is Windows 10 Still Free in 2021? Where to Get It and How To Install It
Where Can I Download Windows?