Recovering a Forgotten Administrator Password

Written by Barry Dysert (last updated October 2, 2017)

You may be relieved to know that there is no built-in utility that will help you recover a forgotten administrator password. After all, if there were then anyone with access to your system could effect a security breach. But what if it's your system, and you're the one who can't remember a forgotten password?

As you may have guessed, there are some third-party tools that are designed to help in such a situation. I have personally tried some, and the two I'm recommending in this tip worked flawlessly on my Windows 7 PC. If you don't want to use a third-party tool, then your only real choices are to keep guessing what your password is or take the draconian step of re-installing Windows. Personally, I'd choose the third-party route.

Both options require that you create a boot disk with the appropriate software on it. Therefore, you need to procure a couple of empty CDs that you'll write to. Then you can download the tools. The first is called 'ophcrack' and can be downloaded from this site:

Go to the website and scroll down until you see the download for "ophcrack Vista/7 LiveCD". This will download an .iso file which you need to burn to one of your CDs; label the CD "ophcrack." We'll go over using 'ophcrack' shortly, but let's go get the second tool first.

The second password tool is called 'chntpw' and can be downloaded from here:

Go to the website and scroll down until you see the "Download" section. Under there you'll find a link to '', which is the file you want to download. When you unpack the zip file you'll see that it contains a file called 'cd140201.iso'. Burn that file to your second CD and label it "chntpw."

Now that we're done with the preliminaries, load your ophcrack CD into the drive and (re)start your computer. Depending on your system configuration, you may need to press a special function key to tell your computer to boot from the CD instead of the hard drive. (This is what you want to do: boot from the CD that contains opbcrack.)

You'll see a lot of text scroll by as ophcrack loads, but shortly it will display a GUI screen that responds to the mouse. The first thing to do is to click the Tables button to install the password configuration tables. Select what tables to install from the path "/media/hda/tables", then click the Crack button. The rest is now automatic. It will load the tables into memory and then it tries to discover the passwords for all enabled accounts. It took ophcrack 5 minutes and 12 seconds to find an administrative password on my system. I let it continue for another 10 minutes to see if would find any more, but I eventually clicked Stop and Exit (after all, one is all you need). I was then presented with a menu of what to do next. Using the arrow keys I highlighted "Reboot" and pressed Enter. As the computer was restarting I ejected the CD so that the system would come up normally.

The chntpw tool is different from ophcrack in a couple of ways. For one thing, it does not have a GUI interface. And for another, chntpw doesn't try to crack and display the current passwords; instead, it provides the means for you to clear a password so that you can login without one.

It's possible that ophcrack will not come up with any passwords, so it's good to have chntpw as a backup. Load that CD into the drive and restart your system. After it has booted and chntpw has taken control you'll go through several prompts. The first prompt asks you to select the partition where the Windows installation is located. Press Enter to accept the default. Next you're prompted to specify which part of the registry is to be loaded. Again press Enter to accept the default.

Now you're at the main interactive menu, which lets you select whether to deal with user data and passwords or registry data. Press Enter to accept the default. You're then presented with a table of usernames and whether they have administrator rights. Type the RID of an administrator username that isn't locked, and press Enter.

You've finally reached the Edit User menu. type "1" (without the quotes) to clear the selected username's password and press Enter. That clears the password. Eject the CD and restart the system. After Windows comes up you'll be able to login under the username whose password you cleared without having to specify its (now-cleared) password. Once logged in, you can, of course, use the normal Windows tools to set the password to whatever you wish.

 This tip (13088) applies to Windows 7, 8, and 10.

Author Bio

Barry Dysert

Barry has been a computer professional for over 35 years, working in different positions such as technical team leader, project manager, and software developer. He is currently a software engineer with an emphasis on developing custom applications under Microsoft Windows. When not working with Windows or writing Tips, Barry is an amateur writer. His first non-fiction book is titled "A Chronological Commentary of Revelation." ...


Quick Ways to Get Back to Your Desktop

There may be times when you need to get back to your desktop by eliminating the "clutter" of all your open windows. ...

Discover More

Understanding File Types and Extensions

File types (or extensions) are key to using Windows effectively. When you double-click a file in Windows Explorer or File ...

Discover More

Customizing the Explorer's File List Display

Windows Explorer is a powerful utility to use for navigating among your files and folders. And it can be customized a ...

Discover More
More WindowsTips

Review and Clear Bing Search History

Search engines are a great way to gather information about the world around us. While a search engine presents ...

Discover More

Understanding Data Execution Prevention

Windows has many malware-prevention features. One of these is Data Execution Prevention. This tip provides an explanation ...

Discover More

Modifying How Windows Notifies You of Impending Changes

Part of the security system built into Windows involves notifying you when changes are about to occur to your system. ...

Discover More

If you would like to add an image to your comment (not an avatar, but an image to help in making the point of your comment), include the characters [{fig}] (all 7 characters, in the sequence shown) in your comment text. You’ll be prompted to upload your image when you submit the comment. Maximum image size is 6Mpixels. Images larger than 600px wide or 1000px tall will be reduced. Up to three images may be included in a comment. All images are subject to review. Commenting privileges may be curtailed if inappropriate images are posted.

What is six more than 1?

There are currently no comments for this tip. (Be the first to leave your comment—just use the simple form above!)

Newest Tips