9 solutions for forgetting the XP Login Password

First, we propose:

If you are easy to forget, do not forget to create a boot disk that can restore the account password in Windows XP at the same time as setting the password for the first time, it frees you from formatting hard disks.

Find the "User Account" item in the "control panel" and select the control interface for your account. We can see that there is a "block a forgotten password" in the task list on the left ", click
You can open the "forgot password wizard". The Wizard will prompt you to insert a formatted blank disk. During the operation, you will be asked to enter the password used by this account, you can quickly create a password reset disk.

Later, when we forget the account password and log on to Windows XP without using the "Welcome screen" Login method, press "CTRL + ALT +
Del key combination, "Windows
In the "Security" window, click "Change Password" in the options to display the "Change Password" window. In this window, back up the current user's password, click the "backup" button in the lower left corner, activate the "forgot password wizard", follow the instructions
Creates a password to reset the disk.

If
If an incorrect password is entered in the XP Logon window, the "Logon Failed" window will pop up. If you cannot remember what your password is, click "reset, start the password resetting wizard
You can use this password to reset the disk and change the password and start the system. Reset the password and log on to Windows XP.

Creating a "Password Reset disk" poses a certain risk because anyone can use this "Password Reset disk" to log on to Windows XP, you can enter the user account in the name of the user to operate everything that the real user can do. Therefore, you must save the "Password Reset disk" in a proper place to prevent loss or loss of information.

Method 1 -- use "Administrator" (This method is applicable when the administrator user name is not "Administrator)

We know that during the installation of Windows XP, we first Log On As "Administrator" by default, and then ask to create a new account to enter windows
Use this new account to log on to Windows XP.
In the XP Logon interface, only the user account created is displayed, and "Administrator" is not displayed. However, this "Administrator" account still exists, and
The password is empty.

After learning about this, if you forget your logon password, press CTRL + ALT on the logon page, and then press del to display the classic logon screen, enter "Administrator" in the user name, enter the password blank, and then modify the "zhangbp" password.

Method 2 -- delete the Sam file (note that this method is only applicable to Win2000)

In Windows NT/2000/XP, the Security Account Manager (Security Account Manager,
The Security Account Manager manages Accounts through Security Identifiers. Security Identifiers are created at the same time when an account is created. Once an account is deleted, the Security ID is also deleted. Security ID is unique
1. Even if the user name is the same, the security ids obtained at each creation are completely different. Therefore, once an account is re-created by the user name, it will be assigned different Security Identifiers without retaining the original permissions.
The security account manager displays the % SystemRoot % system32configsam file. The Sam file is Windows
NT/2000/XP user account database, all user login name, password and other information will be saved in this file.

Once we know this, our solution also produces: Delete the Sam file, start the system, it will re-build a clean and innocent Sam, there is no password in it.

However, such a simple method is not applicable to XP, and Microsoft may impose restrictions on such a bug ...... So now in the XP system, even if you delete Sam, you still cannot delete the password. Instead, it will lead to an error in system startup initialization, leading to an endless loop instead of a system !!

Method 3 -- find the password from the Sam file (prerequisite ...... The basic DOS command is used)

Before starting the system, insert the boot disk and enter: C: winntsystem3config.
Run the Copy command to copy the Sam file to a floppy disk. Read the data from another machine. The required tool here is LC4, run LC4, open and create a new task, and then click
"Import → import from Sam
File to open the Sam file to be cracked. At this time, LC4 automatically analyzes the file and displays the user name in the file. Then, click "session> begin
Audit. If the password is not complex, the result will be obtained in a short time.

However, if the password is complex, it will take a long time. In this case, we need to use the following method.
Method 4: overwrite other Sam files (provided that you can get the Sam file and password of another computer ...... I personally think it is the most feasible method)

1 -- As mentioned above, the Sam file stores the login name and password, so we only need to replace the Sam file with the login name and password. However, the "Origin" of the SAM file used for this replacement is hard
The disk partition format must be the same as that of your system (whether FAT32 or NTFS is used, you can confirm it yourself ). It is best that the "Origin" system has no password and security settings have not been changed (in fact, most individuals
This is true for computers). Of course, it is safer to overwrite all the files in [win ntsystem 32 config] of XP to [C: Win ntsystem
32 config] Directory (assuming your XP is installed in the default partition C :).

2 -- if you cannot get help from others (I mean "in case"), you can install an XP system on another partition. The hard disk partition format should be the same as the original one, and be sure not to match the original
XP installed in the same partition! Before you start, you must back up the MBR in the boot zone. There are many methods to back up the MBR. You can use tool software, such as anti-virus software kv3000. Used after installation
Log on to the Administrator. Now you have the absolute write permission for the original xp. You can test the original Sam and use 10phtcrack to get the original password. You can also
All files in Windows ntsystem 32config of the newly installed XP overwrite C: Win ntsystem
32config directory (set up the original XP here), and then use kv3000 to restore the previously furious Master Boot MBR. Now you can use the Administrator identity
Log on to XP.

[I am in trouble with solution 2, but I am still in trouble with solution 1: it is better to ask for help...]

[In addition, it is said that the Sam in the Windows epair directory is of the original version and can be used to overwrite the Sam in system32 so that the current password can be deleted, the password is restored when the system is installed. If this password is blank, isn't it ...... ]

Method 5-use Win 2000 to install the CD boot and repair the system (prerequisite ...... Obviously, right? That is, you need to have a Windows 2000 installation CD)

Use the Windows 2000 installation CD to start your computer. On the wndows2000 installation selection page, select windows.
2000 (press the r key), and then choose to use the fault console for repair (press the C Key), the system will scan the existing windows/XP version. Generally, there is only one operating system, so only one
Logon (L: C: \ Windows ). Press L on the keyboard and press Enter. At this time, window
XP does not require the administrator password, but directly logs on to the fault recovery console (if windows
When the XP installation disc is started, the administrator password is required. Here, the Administrator refers to the built-in administraor account in the system. All Windows users know that the fault is recovered.
The console can perform any system-level operations, such as copying, moving, deleting files, starting, stopping services, and even formatting and partitioning.

Test disc: integrated with the Windows 2000 proessional Simplified Chinese version of Sp3.

Tested system: Windows XP proessional, Windows XP with SPI patch (both FAT32 and NTFS file systems are the same)

[Note that, due to various reasons, some windows 2000 installation discs on the market cannot display the console logon options, so this vulnerability cannot be exploited. At the same time, due to the limitation of the faulty Console mode, this vulnerability cannot be exploited from the network. In other words, this vulnerability is limited to a single machine.]

Method 6 -- use the net command (there are two prerequisites: the partition of Windows XP must use the FAT 32 file system, and the user name does not contain Chinese characters .)

We know that the "Net user" command is provided in Windows XP. This command can be used to add or modify user account information. The syntax format is:

Net user [username [password *] [Options] [/domain]

Net user [username {password *}/Add [Options] [/domain]

Net user [username [/delete] [/domain]

The specific meaning of each parameter has been described in detail in the help of Windows XP, and I will not elaborate much here. Now, we will take the "zhangbq" password of the local user as an example to illustrate how to forget the logon password:

1. restart the computer, press F8 immediately after the startup screen appears, and select "safe mode with command line ".

2. At the end of the running process, the system lists the selection menus of system Super User "Administrator" and local user "zhangbq". Click "Administrator" to enter the command line mode.

3. type the command: "Net user zhangbq 123456
/Add to forcibly change the password of the "zhangbq" user to "123456 ". To add a new user (for example, the user name is abcdef and the password is 123456,
Type "Net user abcdef 123456/Add". After adding, "net localgroup Administrators" can be used.
The abcdef/Add command promotes a user to the "Administrators" user in the system management group and gives the user Super permissions.

4. restart the computer and select "run in normal mode" to log on to the "zhangbq" user with the changed password "123456. In addition, zhangbq enters
Log on to the [console] → [User Account] → select the user who forgot the password, then select [remove Password] and then select the original user on the logon screen to wait for the user without a password.
(Because the account has been removed) Delete the new user, go to [console] → [User Account] → select [alanhkg888], and then select [remove account ].

[However, it was suggested that after the experiment, the user created under the safe mode command cannot enter the normal mode (this conclusion is not confirmed yet)]

Method 7-password cracking software (provided that you have a standard system installation CD-not the D-disk that "integrates" multiple systems)

1 -- use the Windows key in passware kit 5.0
5.0, used to restore the password of the system administrator. After running the command, three files are generated: txtsetup. OEM, winkey. sys, and winkey. INF. The three files are 50 kb in total.
Place the three files on any floppy disk, start the computer using the XP installation CD, and press F6 to enable the system to adopt a third-party driver. At this point, it is the best time for us to switch into the floppy disk.
Will automatically jump to Windows
Key interface. He will forcibly change the administrator password to 12345, so what will happen? Too many! After you restart, you will be asked to modify your password again
.

2 -- use office nt password & registry
Editor. With this software, you can create a Linux boot disk, which can access the NTFS file system, so it can well support windows
2000/XP. You can use ntpasswd, a tool running in Linux on this floppy disk, to solve the problem and read the registry and rewrite the account. It is easy to use.
The prompt after the startup is completed step by step. We recommend that you use the quick mode to list users for you to change the user password. The Admin group user is selected by default.
It is very convenient to change the Administrator name.

3--erd. commander2003 is a Windows administrator and end user. In the face of systems that may crash at any time, each person may have their own tools to save
Data and repair system. ERD commander, which can be considered winternals Administrators
One of the most powerful components of the Pak tool is to change the password, Windows NT/2000/XP/2003
The password of any user in the system can be changed by ERD without knowing the original password.

Method 8-Modify the screen saver (provided that you have set screen saver)

Use ntfsdos, a tool that can write NTFS partitions from Dos. Use the software to create a DOS boot disk and then go to C: Win ntsystem
Rename the Screen Saver logon. scr under 32, and then copy command.com to C: Win ntsystem
32 (CMD. EXE can be used in Win2000) and renamed logon. scr. In this way, 15 minutes after the machine is started, the screen protection that should have appeared is now changed to the command line
Mode, and has the Administrator permission, through which you can change the password or add a new Administrator account. Do not forget to change the name of the screen saver.

Method 9 -- use the startup script (prerequisite ...... The basic DOS command is used)

Windows xp startup script (startup scripts) is a batch file that is run by a computer before the logon screen appears. Its function is similar to that of Windows
The automatic batch processing file autoexec. bat is executed in 9× and DOS. With this feature, you can write a batch file to reset the user password and add it to the startup script.
. The procedure is as follows (assuming the system directory is C: Windows ).

1. Use the Windows 98 boot disk to start the computer. Create a file named A. BAT in DOS. The content only needs a "Net user" command: "Net user
RWD
12345678 ". This command sets the RWD password to "12345678" (for usage of the net command, refer to Windows Help ). Then
A. Bat save it to "C: windowssystem32grouppolicymachinescriptsstartup.

2. Compile a startup/shutdown script configuration file scripts. ini. The file name is fixed and cannot be changed. The content is as follows:

[Startup]

0 rows line = A. bat

0 parameters =

3. Save the file scripts. ini to "C: winntsystem32grouppolicymachinescripts.
Scripts. ini stores the Setting data of the startup/shutdown script of the computer. The file content usually contains two data segments: [startup] and [shutdown].
[Startup] The data segment is the startup script configuration, and the [shutdown] data segment is the shutdown script configuration. Each script entry is stored in two parts: Script Name and script parameter. The script name is stored in
Under the xforwarline keyword, the parameter is saved in the xparameters keyword. Here, X indicates the script sequence number starting from 0 to differentiate multiple script entries and mark the running of each script entry
.

4. Remove the Windows 98 boot disk, restart the computer, and wait for the startup script to run. After the script is started, the RWD password is restored to "12345678 ".

5. After Successful Logon, delete the two files created in the preceding steps.

[In fact, you can use another computer to write a. BAT and scripts. ini in "Notepad", and then use a floppy disk to copy them to your computer through DOS]

Note:

The above script uses the FAT32 file system. If you use the NTFS file system, you can mount this hard disk in the disk mode to other systems that can recognize the NTFS file system (such as Windows
2000 or Windows
XP. This method restores the administrator password. Password encryption for local computer users and domain users in Windows2000
Code recovery is also valid.