Password Recovery on Windows XP


– Physical access to the machine
– (If needed) Ophcrack or EBCD (Emergency Bootable CD) after all other options are exhausted


Lost or forgotten the password to your Windows XP computer? Don’t worry, it can be easier to retrieve than you think. What’s described below is for educational purposes and to be used only on your own system or that you have permission to do so, also these only work for local system accounts.

Using Safe Mode:

This method will only work if the Safe Mode Administrator account is not password protected (the case more often than you think!) but in a pinch it might be your only option to check.

1) Reboot the computer by whatever means you deem appropriate at that time.

2) Once the Bios notices loads take note of the hot key to enter Safe Mode and hit it.

3) Enter any of the Safe Mode versions but I’d recommend sticking to Safe Mode with no networking.

4) You have 3 options to get to the same end (that I know of at least).

4.1) Navigate to the Control Panel and enter the User Accounts screen, select the user account(s) in question, and select the option to “Remove Password”. If this is not available skip to bullet #5.

4.2) Reboot the computer once more and enter the account(s) that were specified in bullet #4 without the need to enter a password.

5) Enter DOS if possible.

5.1) Enter Run (if available) and type in “control userpass2” to the Users Panel. If the Run option is not available for some reason skip to bullet 6.0, if these options are not available skip to the Software portion of this.

5.2) From here either reset or blank out the password on the account(s) in question or even create a new account with whatever user level you want.

5.3) Reboot the computer once more and enter the account(s) that were specified in bullet #5.2.

6.0) If Run isn’t available you can make a batch file to get you there as well. Enter Notepad or whatever text editor available that supports saving “All Files”.

6.1) Type out the command “control userpass2”, perform a “Save As”, name it whatever you want but be sure to name the extension a *.bat (which is why the “All Files” part comes in.

6.2) Double click the batch file to run the command you saved in it and you’re in the Users Panel, move back up to bullet 5.1.

Using Third Party Software:

7) Two very useful utilities I’ve found that work (with a bit of time) 99.99% of the time if the above options are not available are EBCD and Ophcrack. You need to insert one of these CD’s and reboot in order to use them. Refer to their documentation at the time of use for the most up to date information.

7.1) The fastest option is called EBCD (Emergency Bootable CD) found at It’s a Linux Live CD (aka an operating system that runs without needing to be installed) that attempts to remove the password on specified account(s) completely and of course doesn’t need to be logged into Windows to run so security is at a minimal. Unfortunately to download it now is behind a pay wall but older versions can probably be found easily enough.

7.2) The best option by far, since it leaves the existing password intact on the system is using a Linux Live CD called Ophcrack which has a very robust brute force password cracker. Length of time need to crack the password will depend on the speed of the PC’s RAM and CPU, length/complexity of the password, speed/condition of the CD drive optics and rotating components. In my experience it usually takes 5-15 minutes at worst for an average user’s password. A Windows Vista version exists as well.

7.3) Reboot the computer once more and enter the account(s) that were specified in bullet #7.2.

Keep in mind there a a LOT of other ways to go about this process but the above has always been as much as I ever needed.

Source –


About jignesh272

I am a Computer Science Student Studying at University Of Western Cape. Almost 6 Years in Java coding but now seem to share knowledge with others around via this site. Hope this site helps you whatever you were looking for.

Posted on December 2, 2011, in Uncategorized. Bookmark the permalink. 6 Comments.

  1. Hey jignesh pls reply by ur email that u regulaly use.
    Do u have the mac os 10.6.0 img.? 🙂

  2. I don’t think I have that one but I have the 10.7.3. let me know if you wanted.

  3. hey bro ,could u pls explain hashing (open).?
    I get the basics of it.
    But i dont understand the code that dots gave us.
    could u pls give a simple hashInsert code?

  4. I found this Link useful>>

    Hope it helps… you tube is the best option to get the best explanation …

  5. Hi
    pls bring the comsci papers for 2mrow .

  6. Hi
    pls bring comp sci notes 2mrow

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: