Ask Leo!

Making Technology Work For Everyone

How do I gain administrative access to a second-hand computer?

It's common not to get all of the information (such as the administrator password) with a used computer. There are a couple of approaches to taking ownership, but we start by understanding the risks.


//

My dad bought a computer from a yard sale. The problem is that they forgot to take off the password. I’m logged in as a user, but not an administrator, so I don’t have admin privileges. How do I become an administrator?

This is frightening for many reasons.

But it’s not you who should be scared. We’ll get you into the computer quite easily. It’s the previous owner who should be concerned because it’s clear that they didn’t take a few important steps before giving away their computer.

You still need to tread very, very carefully. I’ll explain why.

Seller beware

The problem for the original owner is simply this: they’ve given (or sold) the computer … and all of the data on it.

How do I know this? Because it still boots into Windows. It’s clear that they did not take the extra step of securely deleting all of the data on the hard drive prior to giving it away. We hear stories all the time of second-hand computers that are sold, or even discarded, only to find that there’s a tremendous amount of sensitive, personal data still on the machine.

They may think that they’ve deleted the files that they care about, but as I’ve discussed in many articles in the past, there are often sensitive remnants in other places, and even deleted data can sometimes be recovered.


… even deleted data can sometimes be recovered.
So lesson #1 is for whomever sold the computer in the first place: securely erase your data, or you run the risk of the computer’s new owner getting access to all of it.

Buyer beware

Do you know what you have?

I mean, do you really know what you have?

How do you know that the machine that you just received isn’t chock-full of malware? For all you know, there are viruses, trojans, and spyware on that machine that are just waiting for you to do something – connect up to your local network, share files with other machines, or log in to your bank account. They’re waiting for the opportunity to propagate, compromise accounts, and just generally cause trouble.

Handing over the KeysI’m not saying that this is the case.

I am saying that you can’t know that it’s not. You have no idea how safety-smart the previous owner of that computer may or may not have been.

You have no idea what’s on that machine. You don’t know what you have … not really.

So lesson #2 is for you, the person acquiring a second-hand machine by whatever means: reformat and reinstall Windows1 from scratch. It’s the only way to be certain that you know what is – and perhaps more importantly what is not – on that machine.

Getting access to the machine

The right way is simply not to try. Get a Windows install disk – perhaps one even came with the machine – and reformat and reinstall Windows from scratch.

It’s the “right” way for two reasons:

  • You’re not even going to try to access or recover the previous owner’s data.
  • More importantly, you’re not going to suffer from any infections or malware left behind by the previous owner.

That person didn’t know enough to securely erase their data, so what faith do you have that the machine isn’t loaded with viruses and malware? Reformat and reinstall really is the right thing to do.

People are curious or “adventuresome” (perhaps a synonym for foolhardy?) and want to run or see what’s on the existing hard disk – perhaps (hopefully) before they reformat and reinstall.

Fair enough.

As it turns out, it’s very easy to gain access by downloading a password reset tool, burning it to CD, and booting from that CD. I’ve covered it in a previous article: I’ve lost the password to my Windows Administrator account, how do I get it back?

As I’ve also said before, if you have physical access to a machine, then it is not secure. That works in your favor here, as you can quickly reboot into this password-reset tool and reset the administrator password to the machine.

And you’re in.

Just be … sensitive … to the data that you might find there. Know that you may very well be dealing with malware or other security issues that you may not be able to see or recover from.

This is an update to an article originally posted : April 4, 2009

Read more:

Footnotes and references

1: It didn’t come with disks? Or you don’t have a product key? Then it’s very likely that transferring that copy of Windows to someone else may also be illegal. The only correct solution is to get the original installation disks and product key (making sure that it’s not used on other machines), or purchase a new copy.

Comments

  1. There is one more easy way to get in without using any special access software.

    Microsoft in its infinite wisdom does not set the password for the administrator account when it is installed. It just hides this account from general access. But then provides an easy way to access it. In fact two ways. If the seller of that computer is naive enough to leave the data on the disk, it is likely that he/she has not set this most important password. Take a chance on this one, after fully understanding the risks involved in accessing the system.

    1. Boot in safe mode. That shows the Administrator account along with the other user account. And you are in….

    2. Another way to get to the Administrator account is: Log off from the regular account and get to the log-on screen that lists all users. Here enter the keys ctrl-alt-del twice. A logon dialog pops up. Enter Administrator as username, no password and you are in….

    Of course if this password is set, then the utility Leo mentions does the trick.

    Reply

  2. This worked for me. I shut down the PC, turned off all power and waited about 40 minutes for the capacitors to discharge then removed the battery.
    After an hour, I replaced the battery, hooked up and restarted the PC and “VOILA!” no Administrator password!

    Reply

    • I am a tech and this doesn’t sound right to me. Are sure you are not talking about getting past the BIOS administrator password?

      Reply

  3. There is one very good reason to be able to access the administrator account on a used computer, depending on the rights have been set for other user accounts on the machine. You may need to recover the install key for Windows and other installed software from that computer before doing a clean install by first installing and using a key-finder utility like “Magical Jelly Bean Finder.” If the ability to install software on the computer has been restricted to the administrator account, then access to that account will be necessary to accomplish this task.

    Reply

  4. Re: ‘I shut down the PC, turned off all power and waited about 40 minutes for the capacitors to discharge then removed the battery.’

    That process has no effect on the OS password for the admin account. The OS password is data written on the disk. It is not a CMOS/BIOS issue to be addressed by defeating the CMOS/BIOS password (what the process above is doing).

    Reply

  6. intresting….they all do work…but not in all cases…so give this a try:
    .1.google..and searche for ophcrack live cd..burn it…and log in to it..and just exit…while exiting…all admin passwords and names will pop out 😉 very easy and no swette.
    .2. that is a bit tricky…but nice..but also require some command knowleges..so what to do:…while ur in the user(not admin)…locate the screen saver path and copy there the cmd.exe (command promp) and set it up!!!! well its not that simple but u can make it…
    after that reboot…and dnt loggin just wait for the screen saver(replaced by command prompt)..and start surfing with admin priv…..
    gd luck..;)

    Reply

  7. A neighbour called me one time. She bought someones computer that was password protected. To bypass it I just booted up in safe mode, went into the user accounts, created a new account for her – as administrator, restarted the computer – to make sure she could sign in and then deleted the old account.

    You don’t need to be a hacker to get pass this.

    {URL removed, page no longer exists}

    Reply

  8. Remember, that once the computer is yours, any information on it is yours now, too. Any information. Including all that child porn which the previous owner had downloaded. Something to think about when those nice friendly FBI agents come bashing in your door wearing bulletproof vests and carrying assault rifles in a no-knock raid at 5:00 in the morning…

    Hey! Maybe reformatting that drive and reinstalling from scratch isn’t such a bad idea after all!!!

    Reply

  9. Hello. I found this article about administrator very interesting. When we bought our laptop some years ago, without knowing what was happening I filled in all details asked for and put in a password. All of our family members have their own details but none of us know what the first password was. (I am in my 70’s and not a computer person). All of what you have written seems very difficult to do. Is it?

    Reply

  10. The “right way” is the safest way – I mean what would you do if the PC had a key logger or FBI-arrest-and-jail-you-forever porn still on it? During a “right way” reinstall you will probably need the Windows Product Key – if there’s no Genuine Label on the PC (its on the case, right?) then run Produkey or Magical Jelly Bean to get the in-use key for the re-installation. Good Luck and buy your boyfriend a beer to do the installation!

    Now that we’ve said that you can skip a lot of trouble by doing a “right way” disk wipe and then installing Knoppix on your laptop (which is free of legal encumbrances and has lots of the newest drivers) and is much faster on startup. Or use an Ubuntu Live CD if its a plain pc! Yay Free Software!

    Reply

  11. i agree with rahul, booting on safe mode will work.
    but pls i would like to know how to access the CMOS setup in a laptop that is passworded and if you say i should reformat, i can’t access the CMOS setup to boot from CD. so pls what do i do?

    Reply

  12. I’ve used the Magic Jelly Bean Key Finder method and then a clean install. That’s the cleanest method. Using a computer that’s been running for a few years is bound to run slower than a freshly installed system.

    On the other hand, it’s possible that the computer you bought has other useful software that you might lose with a fresh install (the Jelly Bean also gives you the MS Office S/N).

    One thing that works on 95% of older XP systems: At the log-in window his ctr-alt-del twice. A log in dialog will come up instead of log-in icons. Enter Administrator as the user name with no password. Ive gotten into dozens of computers that way. Vista and XP SP2 and above fixed this bug.

    Reply

  16. Please note: If the pc you are trying to change the password on has any encrypted files, you will lose access to those files if you use one of the external password change solutions, i.e. the Offline NT Password and Registry Editor.

    Reply

    • You don’t necessarily need the exact same edition. I had a key but not the install disc. I started installing XP Professional. During the install it asked for the key. After inputing the key, I ended up with an install of XP Media Center Edition.

      Reply

  18. Since most computers these days, don’t come with the install Disc’s. I would be surprised to find a used one that did. In the event that you didn’t have the install CD’s.
    How would you go about getting them ? I have never had to do this, just curious.
    Thank’s

    Reply

    • I use Belarc to get the product keys as a just in case and then I run the restore program from the recovery partition. Quick, easy, and safe.

      Reply

  20. I tried the ctl alt delete no password and still can’t get in. this is my own computer I have used for years. i believe I was hacked. I cut off my Internet due to receiving hundreds of emails daily mostly of naked women which led back to a dating site. my resume is on the computer and Im out of work and a divorce cleaned me out. anybodys help appreciated. I can get to safe mode and to to the screen showing the Administrator and one other account. forgot the passwords. I think someone was accessing my info and took over administrator role.

    Reply

  21. my dad got laptop from his company… and in it i am logged as an user .. I d”not have an administrator rights. so I just want to know that when i will install windows again.. will there be any issues?

    Reply

  22. my mom gave me her old computer. but she got it from her x lover. and she does not know the password
    for administrative, stuff. i am cmputer stupid. please help. if i have to earase everything I do not care. oh yah its a Mac oxs model number POwer Mac M8493 100

    Reply

    • Unfortunately Ask Leo!’s expertise is primarily in PCs, Windows, and general Internet or computing-related questions. He just doesn’t have the expertise to do justice to most Apple Macintosh, iPod or iPad-related questions.
      Gary Rosenzweig has a great post on where to get help: http://macmost.com/getting-help

      Reply

  23. Hello there! i bought a new router and it came with a “easy to install” setup with a disk. i go to put in the disk and it ask for administrator password which only my step-mother knows. She won’t put in the password, nor tell me so i can install the new router. (she believes its going to have have viruses and such on the disk)Although i showed her its directly from the company. Is there any way i could bypass the Administrator password so i could install this disk to get this router all setup without resetting the computer to factory defaults?

    Reply

  24. I have deleted all the user account from the admin then accidentally disable the admin access and shut down my computer. Now I am unable to log into my computer. Please help.

    Reply

  25. One way, as LEO strongly urges, is to just REINSTALL Windows – but what if Windows has been UPGRADED and the COA is only buried in the Windows operating system?
    What if the COA label wore off the bottom of the laptop?
    Step one is to SCAN the drive using a free Antivirus Rescue CD or the free Microsoft Windows Defender Offline for USB – just choose 32 bit or 64 bit.
    Once installed, boot to the CD or USB stick.
    I did that, then pulled the drive and connected it to a working PC just to run a little tool WRR that only gives up the Windows COA and no personal info, no passwords.
    Once again the unknown system does not need to be booted.
    Hard drive now free to be filled with zeros 24x over.

    Reply

  27. l bought a second hand pc,and now it is asking me the admistration password.l do not hav acess to windows .how can l remove it and reboot my computer

    Reply

    • If you have WIndows 10, and are using a Microsoft (hotmail, outlook.com, MSN.com or live.com) account to log in, you can reset the password by resetting your Microsoft account password.

      Reply

      • I still haven’t seen an answer to the CMOS/BIOS admin password vs the “windows” admin password in the OS. I just bought a 2nd hand “refurbished” laptop (Dell e5400 64 bit win 7 pro) on Ebay that has the BIOS locked out with that CMOS administrator password. How can I reinstall Windows if I can’t even change the boot order to boot from CD? Even if I were to be able to F2 or F12 (boot to dvd) during the process, the BIOS admin would still be password protected. I flashed the BIOS, no go. I tried the dogbert algorithm thing but entering a bad password 3 times doesn’t give me a hash code to use so nothing to plug into Python. Do I just dig into it and solder in a new preprogrammed BIOS chip ($20 on ebay but ….)? If I’m opening it up already to remove / unplug the cmos battery I might as well. This seems drastic. Dell support doesn’t seem to want to help since I’m not the original owner and I don’t know who was. Help!

        Reply

        • First, the BIOS password is completely unrelated to Windows. COMPLETELY unrelated.

          Second, only Dell can help you. If a BIOS has a password, then it has a password. Either you need to live with how its configured (which you obviously cannot), or Dell or someone has to tell you how to bypass the password – which completely negates the value of the protection that the password provides. In some cases there are hardware reset switched, but again, this is something specific to the machine and only Dell can help. You may get lucky if you search for your specific model number and “BIOS password reset”, but there are no guarantees.

          Reply

Leave a reply:

Before commenting please:

  • Read the article. Any comments that clearly indicate you've not read the article will be removed.
  • Comment only on the article. New question? Start with search, at the top of the page. Off-topic comments will be removed.
  • No personal information. Email addresses, phone numbers and such will be removed.

VERY IMPORTANT: comments that do not add to the discussion - typically spammy, off-topic, or content-free comments - will be removed.

I'm strict about it so that comments can be valuable for everyone, including those who come later and take the time to read.

Your email address will not be published. Required fields are marked *