How to bypass password on Windows XP account?





.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ margin-bottom:0;
}







22















I have an old ThinkPad R40 family laptop running Windows XP lying around and there's an account on it that has a password and it gave me a hint and I put everything I could possibly think in there and no luck. Is there any way to bypass the password?










share|improve this question









New contributor




Colton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 8





    You can always stick a Linux USB boot drive, and load it from BIOS. This is my usual method (getting into old Windows research computers). Simply Google "log into locked windows computer with linux usb". I can verify it works on Windows XP and Windows 7.

    – Shinobii
    yesterday






  • 3





    Yeah, pretty sure every linux user ever has at some point recovered data from a windows box for a family/friend who got a virus or suffered some unrecoverable BSOD. Use a live USB/CD to pull the data off.

    – Jared Smith
    yesterday






  • 2





    Duplicate of: superuser.com/questions/5039/…

    – Technoguyfication
    yesterday






  • 3





    When you say "there's an account on it that has a password" does that mean there is (at least one) other account that you can get into, or is this the only account you know of?

    – TripeHound
    17 hours ago











  • What do you need access to the account for? If you just want to grab the files, you can do so without logging in as long as they're not encrypted.

    – Cubic
    9 hours ago


















22















I have an old ThinkPad R40 family laptop running Windows XP lying around and there's an account on it that has a password and it gave me a hint and I put everything I could possibly think in there and no luck. Is there any way to bypass the password?










share|improve this question









New contributor




Colton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 8





    You can always stick a Linux USB boot drive, and load it from BIOS. This is my usual method (getting into old Windows research computers). Simply Google "log into locked windows computer with linux usb". I can verify it works on Windows XP and Windows 7.

    – Shinobii
    yesterday






  • 3





    Yeah, pretty sure every linux user ever has at some point recovered data from a windows box for a family/friend who got a virus or suffered some unrecoverable BSOD. Use a live USB/CD to pull the data off.

    – Jared Smith
    yesterday






  • 2





    Duplicate of: superuser.com/questions/5039/…

    – Technoguyfication
    yesterday






  • 3





    When you say "there's an account on it that has a password" does that mean there is (at least one) other account that you can get into, or is this the only account you know of?

    – TripeHound
    17 hours ago











  • What do you need access to the account for? If you just want to grab the files, you can do so without logging in as long as they're not encrypted.

    – Cubic
    9 hours ago














22












22








22


6






I have an old ThinkPad R40 family laptop running Windows XP lying around and there's an account on it that has a password and it gave me a hint and I put everything I could possibly think in there and no luck. Is there any way to bypass the password?










share|improve this question









New contributor




Colton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.












I have an old ThinkPad R40 family laptop running Windows XP lying around and there's an account on it that has a password and it gave me a hint and I put everything I could possibly think in there and no luck. Is there any way to bypass the password?







passwords windows






share|improve this question









New contributor




Colton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.











share|improve this question









New contributor




Colton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this question




share|improve this question








edited yesterday









Anders

50.5k22144167




50.5k22144167






New contributor




Colton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









asked yesterday









ColtonColton

11413




11413




New contributor




Colton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Colton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Colton is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








  • 8





    You can always stick a Linux USB boot drive, and load it from BIOS. This is my usual method (getting into old Windows research computers). Simply Google "log into locked windows computer with linux usb". I can verify it works on Windows XP and Windows 7.

    – Shinobii
    yesterday






  • 3





    Yeah, pretty sure every linux user ever has at some point recovered data from a windows box for a family/friend who got a virus or suffered some unrecoverable BSOD. Use a live USB/CD to pull the data off.

    – Jared Smith
    yesterday






  • 2





    Duplicate of: superuser.com/questions/5039/…

    – Technoguyfication
    yesterday






  • 3





    When you say "there's an account on it that has a password" does that mean there is (at least one) other account that you can get into, or is this the only account you know of?

    – TripeHound
    17 hours ago











  • What do you need access to the account for? If you just want to grab the files, you can do so without logging in as long as they're not encrypted.

    – Cubic
    9 hours ago














  • 8





    You can always stick a Linux USB boot drive, and load it from BIOS. This is my usual method (getting into old Windows research computers). Simply Google "log into locked windows computer with linux usb". I can verify it works on Windows XP and Windows 7.

    – Shinobii
    yesterday






  • 3





    Yeah, pretty sure every linux user ever has at some point recovered data from a windows box for a family/friend who got a virus or suffered some unrecoverable BSOD. Use a live USB/CD to pull the data off.

    – Jared Smith
    yesterday






  • 2





    Duplicate of: superuser.com/questions/5039/…

    – Technoguyfication
    yesterday






  • 3





    When you say "there's an account on it that has a password" does that mean there is (at least one) other account that you can get into, or is this the only account you know of?

    – TripeHound
    17 hours ago











  • What do you need access to the account for? If you just want to grab the files, you can do so without logging in as long as they're not encrypted.

    – Cubic
    9 hours ago








8




8





You can always stick a Linux USB boot drive, and load it from BIOS. This is my usual method (getting into old Windows research computers). Simply Google "log into locked windows computer with linux usb". I can verify it works on Windows XP and Windows 7.

– Shinobii
yesterday





You can always stick a Linux USB boot drive, and load it from BIOS. This is my usual method (getting into old Windows research computers). Simply Google "log into locked windows computer with linux usb". I can verify it works on Windows XP and Windows 7.

– Shinobii
yesterday




3




3





Yeah, pretty sure every linux user ever has at some point recovered data from a windows box for a family/friend who got a virus or suffered some unrecoverable BSOD. Use a live USB/CD to pull the data off.

– Jared Smith
yesterday





Yeah, pretty sure every linux user ever has at some point recovered data from a windows box for a family/friend who got a virus or suffered some unrecoverable BSOD. Use a live USB/CD to pull the data off.

– Jared Smith
yesterday




2




2





Duplicate of: superuser.com/questions/5039/…

– Technoguyfication
yesterday





Duplicate of: superuser.com/questions/5039/…

– Technoguyfication
yesterday




3




3





When you say "there's an account on it that has a password" does that mean there is (at least one) other account that you can get into, or is this the only account you know of?

– TripeHound
17 hours ago





When you say "there's an account on it that has a password" does that mean there is (at least one) other account that you can get into, or is this the only account you know of?

– TripeHound
17 hours ago













What do you need access to the account for? If you just want to grab the files, you can do so without logging in as long as they're not encrypted.

– Cubic
9 hours ago





What do you need access to the account for? If you just want to grab the files, you can do so without logging in as long as they're not encrypted.

– Cubic
9 hours ago










3 Answers
3






active

oldest

votes


















33














You can boot in safe mode an then try to reset the password.




  • Once you enter in safe mode you can go to Control Panel > User Account > Change Account.



  • Or in a command line window and type the



    net user [account name] [new password]


    e.g:



    net user administrator password



If that's not possible, you can use a Linux live CD and boot with it. Mount the windows drive and use the chntpw to change the password.



sudo chntpw -u "USER NAME" SAM





share|improve this answer





















  • 4





    Out of curiosity: Could you explain how this solves the problem? As far as I remember, Windows XP still required valid logon credentials even in safe mode. Is my memory wrong?

    – Heinzi
    17 hours ago











  • @Heinzi It possibly depends whether this is the only account on the machine (the OP knows) or not... to me, the OP's "there's an account on it that has a password" half-implies that they can get in on another account, though I admit that's speculation.

    – TripeHound
    17 hours ago






  • 1





    @Heinzi You're right that you don't/shouldn't need safe mode if there is another account available. I was mainly focused on that the OP seemed to indicate (possibly just by loose wording) that there was another account available.

    – TripeHound
    16 hours ago






  • 4





    In windows XP by default the administrator account has a blank password. Booting in safe mode with the user administrator can allow you to reset all other users passwords. You just need to choose the option administrator or write administrator in the logon box without password.

    – Hugo
    16 hours ago






  • 6





    @Hugo: And why do you need safe mode for that? I.e., what prevents you from logging in as Administrator in "regular" mode?

    – Heinzi
    15 hours ago



















12














Change or empty the password located in %SystemRoot%system32configSAM using external tools like the Offline Windows Password & Registry Editor bootdisk.



As this is Windows XP (EOL since April 2014), a better approach would be to backup the files e.g. with a SATA to USB adapter and then nuke the system. Password for the OS user doesn't protect the files.






share|improve this answer


























  • Is there a similar tool for Win10?

    – Thomas Weller
    yesterday











  • Password for the OS user does protect the encrypted files, though. So if you have anything encrypted on the drive, there's no way to recover it without knowing the password. In some cases, it's easy enough to crack the password, though.

    – Luaan
    14 hours ago











  • It's Windows XP and ThinkPad R40 was manufactured approximately in 2003: it doesn't have TPM. If OP is this far, the drive is not encrypted (or he has the encryption key). Also, it's not impossible to steal the encryption key if TPM has revealed it. You should always shutdown (or hibernate, but NOT sleep) the computer and have a power-on password.

    – Esa Jokinen
    12 hours ago













  • A naive question - how do you backup the files if you cannot login to the computer?

    – user1993
    25 mins ago



















3














Try the first answer by Hugo first (most XP machines weren't set up properly so that usually works)- if it doesn't work here's another option



Iv'e done this a lot by using the sethc file to bring up the command prompt before login



It works by replacing the sethc.exe (sticky keys) file in c:/windows/system32 with the command prompt (cmd.exe)



There are a few ways to do it - the most simple one is this, if you don't have a repair disk google "sethc hack windows 7" for other ways like booting into linux, this works with every version of windows (except windows 10 when it has been linked to your email account, otherwise it usually ok with windows 10 too)



Once the sethc.exe file is replaced with the cmd.exe file (however you did it) simply boot windows as normal, when you reach the login screen keep pressing the shift key until the command prompt appears. Type net user [username] [new password] and hit enter, you can now login with the new password






share|improve this answer










New contributor




Matt is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 5





    @schroeder When accessibility tools are launched from the login/lock screen, they run under the (very) privileged SYSTEM user. You effectively end up with a root-level cmd, which can then trivially set user passwords. It is a bit of a hack, true, but not really a vuln worth fixing (in the sense of "they needed local/offline filesystem access to do this, so you're pwned anyway). Personally, I favour replacing Narrator, so it's still possible to get to the on-screen keyboard. (I'm guessing you know this; just elaborating for future readers. Feel free to copy this into the answer, Matt.)

    – Bob
    21 hours ago








  • 1





    @Bob This is obviously not a vulnerability, since if you can replace files in system32, you are already on the other side of the airtight hatchway

    – kinokijuf
    17 hours ago













  • @kinokijuf It doesn't require you to replace files in system32. Just use accessibility on the login screen, and you can launch task manager/cmd as administrator. It's a well known vulnerability on XP, it's actually been used for bypassing copy protection too :)

    – Luaan
    14 hours ago











  • @Luaan [citation needed]? On a normal windows installation, you can only launch a pre-defined set of accessibility programs as SYSTEM from the login screen, and i assume they have been thoroughly checked for vulnerabilities.

    – kinokijuf
    8 hours ago













  • @Bob I've found that which acceptability tool is least useful depends on the user, I picked the sticky keys one as its the most unused and there is lots of info on google if the user can't work out what I am saying (it gives a good starting point for a search), I didn't call it a hack I only used the word as (a search phrase) it gets the most results from google when using this. Its just another option if the OP cant get a result from the others that's all. We don't know the users skill level here so I gave an answer where people can easily use it to search for more help if they need it

    – Matt
    2 hours ago














Your Answer








StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "162"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});

function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});


}
});






Colton is a new contributor. Be nice, and check out our Code of Conduct.










draft saved

draft discarded


















StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f207425%2fhow-to-bypass-password-on-windows-xp-account%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown

























3 Answers
3






active

oldest

votes








3 Answers
3






active

oldest

votes









active

oldest

votes






active

oldest

votes









33














You can boot in safe mode an then try to reset the password.




  • Once you enter in safe mode you can go to Control Panel > User Account > Change Account.



  • Or in a command line window and type the



    net user [account name] [new password]


    e.g:



    net user administrator password



If that's not possible, you can use a Linux live CD and boot with it. Mount the windows drive and use the chntpw to change the password.



sudo chntpw -u "USER NAME" SAM





share|improve this answer





















  • 4





    Out of curiosity: Could you explain how this solves the problem? As far as I remember, Windows XP still required valid logon credentials even in safe mode. Is my memory wrong?

    – Heinzi
    17 hours ago











  • @Heinzi It possibly depends whether this is the only account on the machine (the OP knows) or not... to me, the OP's "there's an account on it that has a password" half-implies that they can get in on another account, though I admit that's speculation.

    – TripeHound
    17 hours ago






  • 1





    @Heinzi You're right that you don't/shouldn't need safe mode if there is another account available. I was mainly focused on that the OP seemed to indicate (possibly just by loose wording) that there was another account available.

    – TripeHound
    16 hours ago






  • 4





    In windows XP by default the administrator account has a blank password. Booting in safe mode with the user administrator can allow you to reset all other users passwords. You just need to choose the option administrator or write administrator in the logon box without password.

    – Hugo
    16 hours ago






  • 6





    @Hugo: And why do you need safe mode for that? I.e., what prevents you from logging in as Administrator in "regular" mode?

    – Heinzi
    15 hours ago
















33














You can boot in safe mode an then try to reset the password.




  • Once you enter in safe mode you can go to Control Panel > User Account > Change Account.



  • Or in a command line window and type the



    net user [account name] [new password]


    e.g:



    net user administrator password



If that's not possible, you can use a Linux live CD and boot with it. Mount the windows drive and use the chntpw to change the password.



sudo chntpw -u "USER NAME" SAM





share|improve this answer





















  • 4





    Out of curiosity: Could you explain how this solves the problem? As far as I remember, Windows XP still required valid logon credentials even in safe mode. Is my memory wrong?

    – Heinzi
    17 hours ago











  • @Heinzi It possibly depends whether this is the only account on the machine (the OP knows) or not... to me, the OP's "there's an account on it that has a password" half-implies that they can get in on another account, though I admit that's speculation.

    – TripeHound
    17 hours ago






  • 1





    @Heinzi You're right that you don't/shouldn't need safe mode if there is another account available. I was mainly focused on that the OP seemed to indicate (possibly just by loose wording) that there was another account available.

    – TripeHound
    16 hours ago






  • 4





    In windows XP by default the administrator account has a blank password. Booting in safe mode with the user administrator can allow you to reset all other users passwords. You just need to choose the option administrator or write administrator in the logon box without password.

    – Hugo
    16 hours ago






  • 6





    @Hugo: And why do you need safe mode for that? I.e., what prevents you from logging in as Administrator in "regular" mode?

    – Heinzi
    15 hours ago














33












33








33







You can boot in safe mode an then try to reset the password.




  • Once you enter in safe mode you can go to Control Panel > User Account > Change Account.



  • Or in a command line window and type the



    net user [account name] [new password]


    e.g:



    net user administrator password



If that's not possible, you can use a Linux live CD and boot with it. Mount the windows drive and use the chntpw to change the password.



sudo chntpw -u "USER NAME" SAM





share|improve this answer















You can boot in safe mode an then try to reset the password.




  • Once you enter in safe mode you can go to Control Panel > User Account > Change Account.



  • Or in a command line window and type the



    net user [account name] [new password]


    e.g:



    net user administrator password



If that's not possible, you can use a Linux live CD and boot with it. Mount the windows drive and use the chntpw to change the password.



sudo chntpw -u "USER NAME" SAM






share|improve this answer














share|improve this answer



share|improve this answer








edited yesterday









Esa Jokinen

3,6981120




3,6981120










answered yesterday









HugoHugo

1,386912




1,386912








  • 4





    Out of curiosity: Could you explain how this solves the problem? As far as I remember, Windows XP still required valid logon credentials even in safe mode. Is my memory wrong?

    – Heinzi
    17 hours ago











  • @Heinzi It possibly depends whether this is the only account on the machine (the OP knows) or not... to me, the OP's "there's an account on it that has a password" half-implies that they can get in on another account, though I admit that's speculation.

    – TripeHound
    17 hours ago






  • 1





    @Heinzi You're right that you don't/shouldn't need safe mode if there is another account available. I was mainly focused on that the OP seemed to indicate (possibly just by loose wording) that there was another account available.

    – TripeHound
    16 hours ago






  • 4





    In windows XP by default the administrator account has a blank password. Booting in safe mode with the user administrator can allow you to reset all other users passwords. You just need to choose the option administrator or write administrator in the logon box without password.

    – Hugo
    16 hours ago






  • 6





    @Hugo: And why do you need safe mode for that? I.e., what prevents you from logging in as Administrator in "regular" mode?

    – Heinzi
    15 hours ago














  • 4





    Out of curiosity: Could you explain how this solves the problem? As far as I remember, Windows XP still required valid logon credentials even in safe mode. Is my memory wrong?

    – Heinzi
    17 hours ago











  • @Heinzi It possibly depends whether this is the only account on the machine (the OP knows) or not... to me, the OP's "there's an account on it that has a password" half-implies that they can get in on another account, though I admit that's speculation.

    – TripeHound
    17 hours ago






  • 1





    @Heinzi You're right that you don't/shouldn't need safe mode if there is another account available. I was mainly focused on that the OP seemed to indicate (possibly just by loose wording) that there was another account available.

    – TripeHound
    16 hours ago






  • 4





    In windows XP by default the administrator account has a blank password. Booting in safe mode with the user administrator can allow you to reset all other users passwords. You just need to choose the option administrator or write administrator in the logon box without password.

    – Hugo
    16 hours ago






  • 6





    @Hugo: And why do you need safe mode for that? I.e., what prevents you from logging in as Administrator in "regular" mode?

    – Heinzi
    15 hours ago








4




4





Out of curiosity: Could you explain how this solves the problem? As far as I remember, Windows XP still required valid logon credentials even in safe mode. Is my memory wrong?

– Heinzi
17 hours ago





Out of curiosity: Could you explain how this solves the problem? As far as I remember, Windows XP still required valid logon credentials even in safe mode. Is my memory wrong?

– Heinzi
17 hours ago













@Heinzi It possibly depends whether this is the only account on the machine (the OP knows) or not... to me, the OP's "there's an account on it that has a password" half-implies that they can get in on another account, though I admit that's speculation.

– TripeHound
17 hours ago





@Heinzi It possibly depends whether this is the only account on the machine (the OP knows) or not... to me, the OP's "there's an account on it that has a password" half-implies that they can get in on another account, though I admit that's speculation.

– TripeHound
17 hours ago




1




1





@Heinzi You're right that you don't/shouldn't need safe mode if there is another account available. I was mainly focused on that the OP seemed to indicate (possibly just by loose wording) that there was another account available.

– TripeHound
16 hours ago





@Heinzi You're right that you don't/shouldn't need safe mode if there is another account available. I was mainly focused on that the OP seemed to indicate (possibly just by loose wording) that there was another account available.

– TripeHound
16 hours ago




4




4





In windows XP by default the administrator account has a blank password. Booting in safe mode with the user administrator can allow you to reset all other users passwords. You just need to choose the option administrator or write administrator in the logon box without password.

– Hugo
16 hours ago





In windows XP by default the administrator account has a blank password. Booting in safe mode with the user administrator can allow you to reset all other users passwords. You just need to choose the option administrator or write administrator in the logon box without password.

– Hugo
16 hours ago




6




6





@Hugo: And why do you need safe mode for that? I.e., what prevents you from logging in as Administrator in "regular" mode?

– Heinzi
15 hours ago





@Hugo: And why do you need safe mode for that? I.e., what prevents you from logging in as Administrator in "regular" mode?

– Heinzi
15 hours ago













12














Change or empty the password located in %SystemRoot%system32configSAM using external tools like the Offline Windows Password & Registry Editor bootdisk.



As this is Windows XP (EOL since April 2014), a better approach would be to backup the files e.g. with a SATA to USB adapter and then nuke the system. Password for the OS user doesn't protect the files.






share|improve this answer


























  • Is there a similar tool for Win10?

    – Thomas Weller
    yesterday











  • Password for the OS user does protect the encrypted files, though. So if you have anything encrypted on the drive, there's no way to recover it without knowing the password. In some cases, it's easy enough to crack the password, though.

    – Luaan
    14 hours ago











  • It's Windows XP and ThinkPad R40 was manufactured approximately in 2003: it doesn't have TPM. If OP is this far, the drive is not encrypted (or he has the encryption key). Also, it's not impossible to steal the encryption key if TPM has revealed it. You should always shutdown (or hibernate, but NOT sleep) the computer and have a power-on password.

    – Esa Jokinen
    12 hours ago













  • A naive question - how do you backup the files if you cannot login to the computer?

    – user1993
    25 mins ago
















12














Change or empty the password located in %SystemRoot%system32configSAM using external tools like the Offline Windows Password & Registry Editor bootdisk.



As this is Windows XP (EOL since April 2014), a better approach would be to backup the files e.g. with a SATA to USB adapter and then nuke the system. Password for the OS user doesn't protect the files.






share|improve this answer


























  • Is there a similar tool for Win10?

    – Thomas Weller
    yesterday











  • Password for the OS user does protect the encrypted files, though. So if you have anything encrypted on the drive, there's no way to recover it without knowing the password. In some cases, it's easy enough to crack the password, though.

    – Luaan
    14 hours ago











  • It's Windows XP and ThinkPad R40 was manufactured approximately in 2003: it doesn't have TPM. If OP is this far, the drive is not encrypted (or he has the encryption key). Also, it's not impossible to steal the encryption key if TPM has revealed it. You should always shutdown (or hibernate, but NOT sleep) the computer and have a power-on password.

    – Esa Jokinen
    12 hours ago













  • A naive question - how do you backup the files if you cannot login to the computer?

    – user1993
    25 mins ago














12












12








12







Change or empty the password located in %SystemRoot%system32configSAM using external tools like the Offline Windows Password & Registry Editor bootdisk.



As this is Windows XP (EOL since April 2014), a better approach would be to backup the files e.g. with a SATA to USB adapter and then nuke the system. Password for the OS user doesn't protect the files.






share|improve this answer















Change or empty the password located in %SystemRoot%system32configSAM using external tools like the Offline Windows Password & Registry Editor bootdisk.



As this is Windows XP (EOL since April 2014), a better approach would be to backup the files e.g. with a SATA to USB adapter and then nuke the system. Password for the OS user doesn't protect the files.







share|improve this answer














share|improve this answer



share|improve this answer








edited yesterday

























answered yesterday









Esa JokinenEsa Jokinen

3,6981120




3,6981120













  • Is there a similar tool for Win10?

    – Thomas Weller
    yesterday











  • Password for the OS user does protect the encrypted files, though. So if you have anything encrypted on the drive, there's no way to recover it without knowing the password. In some cases, it's easy enough to crack the password, though.

    – Luaan
    14 hours ago











  • It's Windows XP and ThinkPad R40 was manufactured approximately in 2003: it doesn't have TPM. If OP is this far, the drive is not encrypted (or he has the encryption key). Also, it's not impossible to steal the encryption key if TPM has revealed it. You should always shutdown (or hibernate, but NOT sleep) the computer and have a power-on password.

    – Esa Jokinen
    12 hours ago













  • A naive question - how do you backup the files if you cannot login to the computer?

    – user1993
    25 mins ago



















  • Is there a similar tool for Win10?

    – Thomas Weller
    yesterday











  • Password for the OS user does protect the encrypted files, though. So if you have anything encrypted on the drive, there's no way to recover it without knowing the password. In some cases, it's easy enough to crack the password, though.

    – Luaan
    14 hours ago











  • It's Windows XP and ThinkPad R40 was manufactured approximately in 2003: it doesn't have TPM. If OP is this far, the drive is not encrypted (or he has the encryption key). Also, it's not impossible to steal the encryption key if TPM has revealed it. You should always shutdown (or hibernate, but NOT sleep) the computer and have a power-on password.

    – Esa Jokinen
    12 hours ago













  • A naive question - how do you backup the files if you cannot login to the computer?

    – user1993
    25 mins ago

















Is there a similar tool for Win10?

– Thomas Weller
yesterday





Is there a similar tool for Win10?

– Thomas Weller
yesterday













Password for the OS user does protect the encrypted files, though. So if you have anything encrypted on the drive, there's no way to recover it without knowing the password. In some cases, it's easy enough to crack the password, though.

– Luaan
14 hours ago





Password for the OS user does protect the encrypted files, though. So if you have anything encrypted on the drive, there's no way to recover it without knowing the password. In some cases, it's easy enough to crack the password, though.

– Luaan
14 hours ago













It's Windows XP and ThinkPad R40 was manufactured approximately in 2003: it doesn't have TPM. If OP is this far, the drive is not encrypted (or he has the encryption key). Also, it's not impossible to steal the encryption key if TPM has revealed it. You should always shutdown (or hibernate, but NOT sleep) the computer and have a power-on password.

– Esa Jokinen
12 hours ago







It's Windows XP and ThinkPad R40 was manufactured approximately in 2003: it doesn't have TPM. If OP is this far, the drive is not encrypted (or he has the encryption key). Also, it's not impossible to steal the encryption key if TPM has revealed it. You should always shutdown (or hibernate, but NOT sleep) the computer and have a power-on password.

– Esa Jokinen
12 hours ago















A naive question - how do you backup the files if you cannot login to the computer?

– user1993
25 mins ago





A naive question - how do you backup the files if you cannot login to the computer?

– user1993
25 mins ago











3














Try the first answer by Hugo first (most XP machines weren't set up properly so that usually works)- if it doesn't work here's another option



Iv'e done this a lot by using the sethc file to bring up the command prompt before login



It works by replacing the sethc.exe (sticky keys) file in c:/windows/system32 with the command prompt (cmd.exe)



There are a few ways to do it - the most simple one is this, if you don't have a repair disk google "sethc hack windows 7" for other ways like booting into linux, this works with every version of windows (except windows 10 when it has been linked to your email account, otherwise it usually ok with windows 10 too)



Once the sethc.exe file is replaced with the cmd.exe file (however you did it) simply boot windows as normal, when you reach the login screen keep pressing the shift key until the command prompt appears. Type net user [username] [new password] and hit enter, you can now login with the new password






share|improve this answer










New contributor




Matt is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 5





    @schroeder When accessibility tools are launched from the login/lock screen, they run under the (very) privileged SYSTEM user. You effectively end up with a root-level cmd, which can then trivially set user passwords. It is a bit of a hack, true, but not really a vuln worth fixing (in the sense of "they needed local/offline filesystem access to do this, so you're pwned anyway). Personally, I favour replacing Narrator, so it's still possible to get to the on-screen keyboard. (I'm guessing you know this; just elaborating for future readers. Feel free to copy this into the answer, Matt.)

    – Bob
    21 hours ago








  • 1





    @Bob This is obviously not a vulnerability, since if you can replace files in system32, you are already on the other side of the airtight hatchway

    – kinokijuf
    17 hours ago













  • @kinokijuf It doesn't require you to replace files in system32. Just use accessibility on the login screen, and you can launch task manager/cmd as administrator. It's a well known vulnerability on XP, it's actually been used for bypassing copy protection too :)

    – Luaan
    14 hours ago











  • @Luaan [citation needed]? On a normal windows installation, you can only launch a pre-defined set of accessibility programs as SYSTEM from the login screen, and i assume they have been thoroughly checked for vulnerabilities.

    – kinokijuf
    8 hours ago













  • @Bob I've found that which acceptability tool is least useful depends on the user, I picked the sticky keys one as its the most unused and there is lots of info on google if the user can't work out what I am saying (it gives a good starting point for a search), I didn't call it a hack I only used the word as (a search phrase) it gets the most results from google when using this. Its just another option if the OP cant get a result from the others that's all. We don't know the users skill level here so I gave an answer where people can easily use it to search for more help if they need it

    – Matt
    2 hours ago


















3














Try the first answer by Hugo first (most XP machines weren't set up properly so that usually works)- if it doesn't work here's another option



Iv'e done this a lot by using the sethc file to bring up the command prompt before login



It works by replacing the sethc.exe (sticky keys) file in c:/windows/system32 with the command prompt (cmd.exe)



There are a few ways to do it - the most simple one is this, if you don't have a repair disk google "sethc hack windows 7" for other ways like booting into linux, this works with every version of windows (except windows 10 when it has been linked to your email account, otherwise it usually ok with windows 10 too)



Once the sethc.exe file is replaced with the cmd.exe file (however you did it) simply boot windows as normal, when you reach the login screen keep pressing the shift key until the command prompt appears. Type net user [username] [new password] and hit enter, you can now login with the new password






share|improve this answer










New contributor




Matt is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
















  • 5





    @schroeder When accessibility tools are launched from the login/lock screen, they run under the (very) privileged SYSTEM user. You effectively end up with a root-level cmd, which can then trivially set user passwords. It is a bit of a hack, true, but not really a vuln worth fixing (in the sense of "they needed local/offline filesystem access to do this, so you're pwned anyway). Personally, I favour replacing Narrator, so it's still possible to get to the on-screen keyboard. (I'm guessing you know this; just elaborating for future readers. Feel free to copy this into the answer, Matt.)

    – Bob
    21 hours ago








  • 1





    @Bob This is obviously not a vulnerability, since if you can replace files in system32, you are already on the other side of the airtight hatchway

    – kinokijuf
    17 hours ago













  • @kinokijuf It doesn't require you to replace files in system32. Just use accessibility on the login screen, and you can launch task manager/cmd as administrator. It's a well known vulnerability on XP, it's actually been used for bypassing copy protection too :)

    – Luaan
    14 hours ago











  • @Luaan [citation needed]? On a normal windows installation, you can only launch a pre-defined set of accessibility programs as SYSTEM from the login screen, and i assume they have been thoroughly checked for vulnerabilities.

    – kinokijuf
    8 hours ago













  • @Bob I've found that which acceptability tool is least useful depends on the user, I picked the sticky keys one as its the most unused and there is lots of info on google if the user can't work out what I am saying (it gives a good starting point for a search), I didn't call it a hack I only used the word as (a search phrase) it gets the most results from google when using this. Its just another option if the OP cant get a result from the others that's all. We don't know the users skill level here so I gave an answer where people can easily use it to search for more help if they need it

    – Matt
    2 hours ago
















3












3








3







Try the first answer by Hugo first (most XP machines weren't set up properly so that usually works)- if it doesn't work here's another option



Iv'e done this a lot by using the sethc file to bring up the command prompt before login



It works by replacing the sethc.exe (sticky keys) file in c:/windows/system32 with the command prompt (cmd.exe)



There are a few ways to do it - the most simple one is this, if you don't have a repair disk google "sethc hack windows 7" for other ways like booting into linux, this works with every version of windows (except windows 10 when it has been linked to your email account, otherwise it usually ok with windows 10 too)



Once the sethc.exe file is replaced with the cmd.exe file (however you did it) simply boot windows as normal, when you reach the login screen keep pressing the shift key until the command prompt appears. Type net user [username] [new password] and hit enter, you can now login with the new password






share|improve this answer










New contributor




Matt is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.










Try the first answer by Hugo first (most XP machines weren't set up properly so that usually works)- if it doesn't work here's another option



Iv'e done this a lot by using the sethc file to bring up the command prompt before login



It works by replacing the sethc.exe (sticky keys) file in c:/windows/system32 with the command prompt (cmd.exe)



There are a few ways to do it - the most simple one is this, if you don't have a repair disk google "sethc hack windows 7" for other ways like booting into linux, this works with every version of windows (except windows 10 when it has been linked to your email account, otherwise it usually ok with windows 10 too)



Once the sethc.exe file is replaced with the cmd.exe file (however you did it) simply boot windows as normal, when you reach the login screen keep pressing the shift key until the command prompt appears. Type net user [username] [new password] and hit enter, you can now login with the new password







share|improve this answer










New contributor




Matt is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









share|improve this answer



share|improve this answer








edited yesterday





















New contributor




Matt is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.









answered yesterday









MattMatt

1393




1393




New contributor




Matt is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.





New contributor





Matt is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.






Matt is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.








  • 5





    @schroeder When accessibility tools are launched from the login/lock screen, they run under the (very) privileged SYSTEM user. You effectively end up with a root-level cmd, which can then trivially set user passwords. It is a bit of a hack, true, but not really a vuln worth fixing (in the sense of "they needed local/offline filesystem access to do this, so you're pwned anyway). Personally, I favour replacing Narrator, so it's still possible to get to the on-screen keyboard. (I'm guessing you know this; just elaborating for future readers. Feel free to copy this into the answer, Matt.)

    – Bob
    21 hours ago








  • 1





    @Bob This is obviously not a vulnerability, since if you can replace files in system32, you are already on the other side of the airtight hatchway

    – kinokijuf
    17 hours ago













  • @kinokijuf It doesn't require you to replace files in system32. Just use accessibility on the login screen, and you can launch task manager/cmd as administrator. It's a well known vulnerability on XP, it's actually been used for bypassing copy protection too :)

    – Luaan
    14 hours ago











  • @Luaan [citation needed]? On a normal windows installation, you can only launch a pre-defined set of accessibility programs as SYSTEM from the login screen, and i assume they have been thoroughly checked for vulnerabilities.

    – kinokijuf
    8 hours ago













  • @Bob I've found that which acceptability tool is least useful depends on the user, I picked the sticky keys one as its the most unused and there is lots of info on google if the user can't work out what I am saying (it gives a good starting point for a search), I didn't call it a hack I only used the word as (a search phrase) it gets the most results from google when using this. Its just another option if the OP cant get a result from the others that's all. We don't know the users skill level here so I gave an answer where people can easily use it to search for more help if they need it

    – Matt
    2 hours ago
















  • 5





    @schroeder When accessibility tools are launched from the login/lock screen, they run under the (very) privileged SYSTEM user. You effectively end up with a root-level cmd, which can then trivially set user passwords. It is a bit of a hack, true, but not really a vuln worth fixing (in the sense of "they needed local/offline filesystem access to do this, so you're pwned anyway). Personally, I favour replacing Narrator, so it's still possible to get to the on-screen keyboard. (I'm guessing you know this; just elaborating for future readers. Feel free to copy this into the answer, Matt.)

    – Bob
    21 hours ago








  • 1





    @Bob This is obviously not a vulnerability, since if you can replace files in system32, you are already on the other side of the airtight hatchway

    – kinokijuf
    17 hours ago













  • @kinokijuf It doesn't require you to replace files in system32. Just use accessibility on the login screen, and you can launch task manager/cmd as administrator. It's a well known vulnerability on XP, it's actually been used for bypassing copy protection too :)

    – Luaan
    14 hours ago











  • @Luaan [citation needed]? On a normal windows installation, you can only launch a pre-defined set of accessibility programs as SYSTEM from the login screen, and i assume they have been thoroughly checked for vulnerabilities.

    – kinokijuf
    8 hours ago













  • @Bob I've found that which acceptability tool is least useful depends on the user, I picked the sticky keys one as its the most unused and there is lots of info on google if the user can't work out what I am saying (it gives a good starting point for a search), I didn't call it a hack I only used the word as (a search phrase) it gets the most results from google when using this. Its just another option if the OP cant get a result from the others that's all. We don't know the users skill level here so I gave an answer where people can easily use it to search for more help if they need it

    – Matt
    2 hours ago










5




5





@schroeder When accessibility tools are launched from the login/lock screen, they run under the (very) privileged SYSTEM user. You effectively end up with a root-level cmd, which can then trivially set user passwords. It is a bit of a hack, true, but not really a vuln worth fixing (in the sense of "they needed local/offline filesystem access to do this, so you're pwned anyway). Personally, I favour replacing Narrator, so it's still possible to get to the on-screen keyboard. (I'm guessing you know this; just elaborating for future readers. Feel free to copy this into the answer, Matt.)

– Bob
21 hours ago







@schroeder When accessibility tools are launched from the login/lock screen, they run under the (very) privileged SYSTEM user. You effectively end up with a root-level cmd, which can then trivially set user passwords. It is a bit of a hack, true, but not really a vuln worth fixing (in the sense of "they needed local/offline filesystem access to do this, so you're pwned anyway). Personally, I favour replacing Narrator, so it's still possible to get to the on-screen keyboard. (I'm guessing you know this; just elaborating for future readers. Feel free to copy this into the answer, Matt.)

– Bob
21 hours ago






1




1





@Bob This is obviously not a vulnerability, since if you can replace files in system32, you are already on the other side of the airtight hatchway

– kinokijuf
17 hours ago







@Bob This is obviously not a vulnerability, since if you can replace files in system32, you are already on the other side of the airtight hatchway

– kinokijuf
17 hours ago















@kinokijuf It doesn't require you to replace files in system32. Just use accessibility on the login screen, and you can launch task manager/cmd as administrator. It's a well known vulnerability on XP, it's actually been used for bypassing copy protection too :)

– Luaan
14 hours ago





@kinokijuf It doesn't require you to replace files in system32. Just use accessibility on the login screen, and you can launch task manager/cmd as administrator. It's a well known vulnerability on XP, it's actually been used for bypassing copy protection too :)

– Luaan
14 hours ago













@Luaan [citation needed]? On a normal windows installation, you can only launch a pre-defined set of accessibility programs as SYSTEM from the login screen, and i assume they have been thoroughly checked for vulnerabilities.

– kinokijuf
8 hours ago







@Luaan [citation needed]? On a normal windows installation, you can only launch a pre-defined set of accessibility programs as SYSTEM from the login screen, and i assume they have been thoroughly checked for vulnerabilities.

– kinokijuf
8 hours ago















@Bob I've found that which acceptability tool is least useful depends on the user, I picked the sticky keys one as its the most unused and there is lots of info on google if the user can't work out what I am saying (it gives a good starting point for a search), I didn't call it a hack I only used the word as (a search phrase) it gets the most results from google when using this. Its just another option if the OP cant get a result from the others that's all. We don't know the users skill level here so I gave an answer where people can easily use it to search for more help if they need it

– Matt
2 hours ago







@Bob I've found that which acceptability tool is least useful depends on the user, I picked the sticky keys one as its the most unused and there is lots of info on google if the user can't work out what I am saying (it gives a good starting point for a search), I didn't call it a hack I only used the word as (a search phrase) it gets the most results from google when using this. Its just another option if the OP cant get a result from the others that's all. We don't know the users skill level here so I gave an answer where people can easily use it to search for more help if they need it

– Matt
2 hours ago












Colton is a new contributor. Be nice, and check out our Code of Conduct.










draft saved

draft discarded


















Colton is a new contributor. Be nice, and check out our Code of Conduct.













Colton is a new contributor. Be nice, and check out our Code of Conduct.












Colton is a new contributor. Be nice, and check out our Code of Conduct.
















Thanks for contributing an answer to Information Security Stack Exchange!


  • Please be sure to answer the question. Provide details and share your research!

But avoid



  • Asking for help, clarification, or responding to other answers.

  • Making statements based on opinion; back them up with references or personal experience.


To learn more, see our tips on writing great answers.




draft saved


draft discarded














StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsecurity.stackexchange.com%2fquestions%2f207425%2fhow-to-bypass-password-on-windows-xp-account%23new-answer', 'question_page');
}
);

Post as a guest















Required, but never shown





















































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown

































Required, but never shown














Required, but never shown












Required, but never shown







Required, but never shown







Popular posts from this blog

數位音樂下載

When can things happen in Etherscan, such as the picture below?

格利澤436b