Wednesday, 18 March 2015

Three ways to recover from a forgotten Windows password

You've forgotten your Windows password. What now?

I’ll show you three different ways to get back into your system:

1. The ‘right’ way
2. A free but dirty hack
3. An elegant but $50 hack

It's worth noting up front that there is potentially a big difference between recovering and resetting a password.

Recovering a password means discovering what your old password was.

Resetting a password means creating a new, working password without needing to know the original.

If you don't use the Windows Encrypting File System (EFS) then, in practical terms, there's very little difference between the two. If you encrypt files using EFS then you need to recover your password or lose access to those files.

And if you are a bad guy recovering someone else's password is useful for spying, while resetting is useful for sabotage.

I'm reminded of the 3rd of the immutable laws of computer security:

Law #3: If a bad guy has unrestricted physical access to your computer, it's not your computer anymore.
If you had doubts, the methods details here should convince you.

1. Password Reset Disk

2. Password reset accessibility hack

3. Password recovery with Elcomsoft System Recovery

Please use this information for legitimate purposes only!