Monday, June 9, 2008

How to Break Into a Password Protected Windows XP


Here are two simple ways to access Windows with Administrator rights and privileges if:
You have password protected your Windows XP system and can’t remember the password(s) to login regularly.
You’ve forgotten the password to an Administrator account and have lost the ability to change any of the vital system settings.
Steps:
The first method is incredibly easy. Whenever Windows XP is installed on a system, it creates a default administrator account called “Administrator” and by default this account is not password protected. Therefore, if you bought a brand name computer (such as Dell, HP, Compaq or Sony) or installed Windows XP yourself, you should be able to login to the computer through the unprotected Administrator account.
The previous author wrote the login to the unprotected Administratior account is normally accessible only through safe mode, but this is not correct. If the computer utilizes the welcome screen instead of the standard NT domain logon prompt, you can press Ctrl + Alt + Del twice to get to the logon prompt. You can access the Administrator account through the logon prompt without logging into safe mode. If the target system does not use the welcome screen or you cannot log off, continue following these steps.
Reboot your machine. Before the Windows Boot screen appears, press F8. Do not press F5 used on the NT/9x series of Windows. You will be be prompted with a boot options menu.
Select the “Boot Windows in Safe Mode” option.
After several screens this should bring you to the familiar ‘Welcome’ screen, except the colors will be reduced to 256 colors and 640×480 resolution because the primary graphics will have been set to the Windows Safe Mode software VGA adapter. You will not be able to change this mode even in Display options, while Windows is running in Safe Mode.
The ‘Welcome’ screen might display some of the users you had configured on your system, but most importantly it should display an icon for the user “Administrator”. If the default settings of your system haven’t been changed, there should be no password for this account.
Login and Press ‘No’ at the prompt, asking if you would like to continue using System Restore Mode and continue on to the User Settings in your control panel. Here you can change any of the other passwords for any other user on the account.
Make the changes you want and then reboot your computer. As long as you don’t press any keys (i.e. F8) during the boot-up this time, the computer will boot normally. You can then login as the User for which you set the password..
Tips:
Some users are smart enough to password protect their Administrator account when they install windows. If that’s the case, you’ll have to know THAT password in order for this method to work.
Note there is a way to crack the windows “SAM” and system files to retrieve the original passwords you’ve forgotten. But this process is a little more complicated and isn’t always succesfull based on the complexity of the password you’re trying to retrieve

3 comments:

Anonymous said...

I tried the first method and it simply does NOT work. I can only sumise that the PARENT password protected his own login to prevent the KIDS from not only accessing the PARENTS part of the system but to protect them from makeing any changes on THEIR part of the system. That is where I find myself with this tower. If you can help reply to reeltoreelguy@yahoo.com.

Anonymous said...

Thanks I have a question. My separated husband stole my computer and most of the house while I was having surgery for broken collar bone caused by him. Anyway he took my personal computer which was password protected. I just got it back and he got in and was reading my attorney client emails from the last week and freaking out. Can I prove it someday on my computer?

Thanks please answer quickly

Lisa dial

Lisaraydial@yahoo.com

Anonymous said...

Hi Lisa,

Depending on what he was looking at on your computer, you can certainly tell when certain files were last accessed. If you we're in surgery or the hospital and certain documents were opened there are metadata fields that you cannot see that track info....one field is last accessed date. For loose edocuments like word or PDF a little easier. For email alittle harder.....do not turn on the computer and do this yourself. Look up computer forensics experts in your area. They may need to testify and act as experts to prove it. Generally 200 plus per hr, but worth it if he did what u say.