Losing Windows login password is an inevitable situation anyone might go through. Maybe it's just an odd PC never being used frequently or shared with others. Clearly, there are chances to either forgot password from your side or could be changed by someone else. What really matters is that you're abandoned from accessing the PC unless you get the right password recovered. Moreover, you're left with a wide choice of methods to choose from. Simply, there isn't a 'best' method. You shall make use of those methods (or just one) which seem to comply amidst your comfort.
Generally, there are two types of cracking for Windows password. One valid solution is to extract the password hash from Windows and brute-force the hash value. When the hash is decrypted, it will be converted to a plain text, which is the password for login. This takes days or weeks if the password was complex. Another possible way is just to reset the password to blank. After that, there is no password required for login. This process is finished almost instantly.
Cain & Abel is one of the best freeware to crack password. It sniffs in drive partition and does a few trial checks and turn out to display your password in the readable format. However, a long password may cause trouble to get sorted.
Before getting started with Cain & Abel, unplug your hard-drive from locked PC and connect it as a secondary drive to a working one. This step is mandatory as Cain & Abel is operated on secondary PC.
Step 1: Download and install Cain & Abel from its official page. During installation, an additional prompt will be displayed to have 'WinPcap' installed. Proceed to install WinPcap as well. It a safe supplementary tool required for Cain & Abel's working.
Step 2: Open & select 'Tools' from the default interface. Choose 'Syskey Decoder' and click on 'бн' button (this would locate the system files used by windows to lock your PC). Instantly, the programme would display a decoded boot-key to crack the saved password. (Keep this boot-key copied)
Step 3: After, open 'Cracker' tab and select 'LM & NTLM Hashes'. When done, click the plus icon situated at the top left corner. Locate 'SAM file' of your locked Windows's partition and enter the boot-key you've obtained in the previous step.
Step 4: Proceed by clicking 'Next' and user lists will be loaded, aligned to right. Right click after selecting the desired user account and choose 'Brute-Force Attack -> NTLM Hashes'.
Step 5: Under charset, check 'Predefined' and choose a dictionary for brute-force. When done, press 'Start' and you're all set to have the tool start operating on your hard drive. Once recovered, the password will be visible inside the text box beneath.Cons of Cain & Abel:
If you were familiar with command prompt, the built-in free tool to perform tasks via plain text commands, it is quite easy to remove or change the user password in Windows with a set of commands. However, if you had no experience in using this utility, then it is highly recommended skipping this method and move to Part 3, which is much secure for average users.
Step 1: To get started with cracking password using cmd, you need a windows setup disk ready. You could create one using Windows Media Creation tool from another PC.
Step 2: Insert the setup disk and initiate a reboot. When the company logo fades in, press boot-option key and boot menu will be displayed. Select your USB/CD drive and proceed to boot. For some PCs, select 'Boot from USB' prior to this step.
Step 3: After your PC boot up, press 'Shift + F10' to have command line popped in. Replace utility manager with command prompt by executing following commands:
move d:\windows\system32\utilman.exe d:\
copy d:\windows\system32\cmd.exe d:\windows\system32\utilman.exe
Step 4: After these commands get executed, remove your setup disk and reboot. Upon login screen, select 'Ease of Access' option and the command prompt should pop up (If previous commands were precisely executed). Type in the following code to reset the password:
net user username newpassword
Step 5: Insert the setup disk again and restart. As before, press 'Shift + F10' to load the command prompt and execute:
copy d:\utilman.exe c:\windows\system32\utilman.exe
Step 6: Confirm to restore the utility manager by typing 'Yes'. Close the command prompt and reboot your PC after ejecting setup disk. Login and access your admin account without a password.Cons of Command Prompt:
Besides the two suggestions mentioned above, there is another easy and effective way to crack a Windows local password. However, most of such tools are not free. But it is really worth the investment. The Windows open password will be removed quickly so no longer waiting for the result.
In here, we will use PassGeeker Windows Password Reset tool as an example. PassGeeker is a widely used explicit utility to have Windows passwords reset instantly, On the other hand, the tool has provision to secure the saved data during this process. Thus, recovery using PassGeeker isn't vulnerable to fail or affect the current system files. Moreover, the tool supports major Windows OS versions ranging from older Windows XP/Vista/NT to Windows 7/8/10.
Step 1: Download & install PassGeeker software on a secondary PC. Insert a USB flash drive and start-up the tool. The interface assists you with 2 options to choose from. Among which, select 'Create Password Reset USB Flash Drive' and your drive name from the dropdown list. Alternatively, select 'Create Password Reset CD/DVD' if you prefer to use a CD/DVD for the recovery process.
Step 2 : Proceed by clicking the 'Burn USB' option. The required files would be burned within 5-10 minutes, depending on your drive's capability. (Note: recovery files are burned and rather not copied. If you have a low-end secondary pc, be patient enough to let the process complete.) When done, a dialogue pops in saying 'Burning Successful'. Unplug your flash drive and have your locked PC ready.
Step 3 : Insert your bootable flash-drive and reboot your PC. Enter your PC's boot menu before company logo gets dim. Select 'Boot from USB' option and then your USB stick. Burned files from the flash-drive will be used to perform a boot.
Step 4 : Upon completion, PassGeeker interface will be loaded on your locked PC. Select your desired OS version like 'Windows 10' from the list. (In case you have multiple OS versions installed). After, head straight to the user name you'd like to get password cleared for. Next, select 'Reset Password' and the tool will start operating on its own for a couple of secs. When done, the password was removed from the computer.
Unplug the disk and reboot the computer. In addition, an extra handy option named 'Add User' on tool's interface will help create a new user account on the computer for login.Download Now
Among the password cracking methods discussed throughout this guide, Part 1 and Part 2 won't feel comfortable unless you're an expert. But, those methods are still balling and risk-free if you can replicate them as mentioned. Part 3 make use of software built for this end and easily operable & less time-consuming. Taste what smells good in your terms.