How To Reset Your Windows Administrator Password With CHNTPW

 

  ***DISCLAIMER: Please do remember that this is an action of computer/network forensics and should NOT be performed without permission from the computer system owner if it is not your own computer system under investigation.***

 

Resetting The Windows 7 Administrator Password

 

  This procedure is not as difficult as one might at first presume. CHNTPW (Change NT Password) has been in use since Windows NT and its author (Petter Nordhal-Hagen) knows a thing or two about software. In many if not most cases carefully following the prompts and reading the results of what chntpw determines will help you to get that password either cleared or changed. In the slideshow below you'll see where we have a DELL Laptop running Windows 7 Pro which has an Administrator account for which the password was forgotten. The CHNTPW software disk is shown as well as going into the boot options menu (in this case using F12 upon booting) where the CD/DVD option would be chosen once the disk is loaded in the tray. After this will be shown step by step using lightboxes to click and instructions to follow on how to reset your windows administrator password with chntpw.

 

  • DELL LATITUDE E5530
  • ADMIN Passowrd Unknown
  • Choose Boot Option

 

  When you get the system in question booted to the disk the initial spew will stop at the boot prompt (if it stops at just hit SPACEBAR). The first lightbox below displays exactly that and when you see the boot: _ indicator all you need to do is hit enter. This is what should work under most normal circumstances and just accepting the defaults throughout also normally works and it's rare if that is not the case.

 

chntpw_boot

 

  Once you hit enter at that boot prompt the software will then search the internal hard drive(s) for Windows installation(s) and display likely candidate partitions.There can be several of these but when choosing the default [1] (hit enter) it should report no issues and move to the next action to be taken. You'll note that the software initially detected more than one likely candidate however it does indicate where it detected a Windows installation and that would be the first option. The next two lightboxes show correct defaults and in each case when you see that screen just hit enter.

 

chntpw_1

chntpw_2

 

  The next step is to indicate that you want to Edit user data and passwords and that is again the default. After that a user must be chosen and Administrator is the default. Note that the software does indicate whether or not a user has administrative privileges. If you know the username you need to access which is not Administrator you can also reset that username password by entering it (or the hex) before hitting enter and move to the next step. Actual usernames are blanked out simply for privacy here.

 

chntpw_3

chntpw_4

 

  Next the action to take is to Clear (blank) user password. Note that in this case you would want to type 1 at the prompt because you're not ready to quit yet. There are other actions you could take but that's up to you (and perhaps another tutorial).

 

chntpw_5

chntpw_6

 

 

  Guess what? Password Cleared! The next lightbox indicates exactly that, and then to quit editing users by hitting enter. Now it only has to be saved so type q to quit the program as indicated below.

 

chntpw_7

chntpw_8

 

  Once you quit it will ask if it should write the new (cleared password) data back to the system and that is what you want so although it defaults to n (NO) you want to type y for YES and hit enter.

 

chntpw_9

chntpw_10

 

  EDIT COMPLETE! When you see this it means you have been successful in clearing the password and there will be no password required for the user Administrator to log in. Now you can just confirm that you don't need another run through the procedure by hitting enter (it's defaulted to n) at which point you can then remove the disk from the CD/DVD tray and hit Ctrl+Alt+Delete to reboot the system to Windows 7.

 

chntpw_11

chntpw_12

 

  So be sure that you've ejected the CD, then hit Ctrl+Alt+Delete. The last three lightboxes are shown for reference and to show that if you follow the procedure outlined here you will have successfully reset your Windows 7 administrator password!

 

  You can get CHNTPW from pogostick

 

chntpw_eject

 

boot_after_reset

 

Password_Cleared

 

VIOLA!

 

 

SiteLock