SEARCH

How-To Geek

How to Crack Your Forgotten Windows Password

image

Here at How-To Geek, we’ve covered many different ways to reset your password for Windows—but what if you can’t reset your password? Or what if you’re using drive encryption that would wipe out your files if you changed the password? It’s time to crack the password instead.

To accomplish this, we’ll use a tool called Ophcrack that can crack your password so you can login without having to change it.

Download Ophcrack

The first thing we will need to do is download the CD image from Ophcrack’s website. There are two options to download, XP or Vista, so make sure you grab the right one. The Vista download works with Windows Vista or Windows 7, and the only difference between XP and Vista is the “tables” Ophcrack uses to determine the password.

Once the .iso file is downloaded, burn it to a CD using the guide below.

If you are going to be cracking your password on something that doesn’t have a CD drive, such as a netbook, download the universal USB creator from PenDrive Linux (Link Below). A USB drive will not only run faster but you can also use a single USB drive for Windows XP, Vista, and 7 if you copy the needed tables to the drive.

To create a USB drive that works with all versions of Windows, download the free password tables from Ophcrack’s website.

Note: There are free tables available on Ophcrack’s website and there are paid tables, the paid tables will typically get the job done faster and will be able to crack more complex passwords but the paid tables may not fit on a USB drive because they range in size from 3 GB to 135 GB.

Now extract the tables to \tables\vista_free on the USB drive and they will be used automatically by Ophcrack.

Boot from CD/USB

Boot the computer from the CD or USB drive that you created.

Note: On some computers you may have to go into the BIOS settings to change the boot order or push a key to show the boot menu.

image

Once the disk is done booting, Ophcrack should start automatically and will begin cracking the passwords for all of the users on your computer.

Note: If the computer boots and you only have a blank screen or Ophcrack doesn’t start, try restarting the computer and selecting manual or low RAM options on the live CD boot menu.

If you have a complex password it will take a lot longer than simple passwords, and with the free tables your password may never be cracked. Once the crack is done you will see the password in plain text, write it down and reboot the machine to login. If your password isn’t cracked, you can also log in as one of the other users with admin rights and then change your password from within Windows.

With the free tables available you will not be able to crack every password, but the paid tables range from $100 to $1000 so you may be better off just resetting your password with on of these tutorials:

You can get all of the software needed for password cracking from these links.

If you aren’t using drive encryption and you’ve got a tough password, it’s usually much faster to reset the password using one of the tools above, but we like to show you all the different techniques that you can use.

Justin is a Linux and HTPC enthusiast who loves to try new projects. He isn't scared of bricking a cell phone in the name of freedom.

  • Published 09/28/10

Comments (38)

  1. cman32

    I have always used Hiren’s Boot CD to reset a forgotten password. Very easy to use, and lots of other usefull utilities included.

  2. Polish

    NTOffline password editor is 10x easier. Not sure if it works with 7 or vista but for xp it takes a whole 5min total process from download to burn to actually resetting the password.

  3. Msidiiq

    @Polish.
    Sure it works with 7, i’ve used it a couple of hours ago to reset a freinds password. 10x faster….

  4. Sausage

    I was always under the impression that Ophcrack didn’t work on Windows 7 for some reason even though 7 is based off of Vista.

    I’m pretty sure that I’ve read numerous people commenting on that, has anybody actually used it successfully?

  5. Sausage

    Oh, that’s what I get for not refreshing before posting….

  6. Chris Kelly

    Is it me or do the links not work?

  7. Merv

    Good article. How about doing one that shows how to troubleshoot and reinstall a disabled and deleted IPV6/Toredo.
    I cannot get the home group to work in windows 7 without this item.

  8. Badwolf

    Kon-Boot goes one better – use it to boot into Windows and then use *ANY* password (or no password at all) to login to that machine. Works on local accounts only, but *may* work on domain accounts if passwor dhas been cached.

  9. Jose

    Hmmm. Seems to me these techniques are more useful for cracking into someone else’s system. I’m sure there are cases when recovery is needed. But I’d be willing to bet those cases are rare. The primary purpose of cracking passwords, it seems to me, is to gain access to some account or PC for other than emergency purposes. Very similar to justifying making multiple copies of a CD or DVD for “backup” purposes.

  10. asdf-chan

    Have fun bruteforcing 40 character passwords

  11. Xander_25

    I’ve always used Elcomsoft’s System Recovery. It works just like OphCrack and almost always is able to show you your password. You can also reset the password if you can’t recover what it is. Works on Windows Xp thru 7.

  12. Terry Dunn

    This looks like a really useful tool. Trouble is, you never know when disaster will strike, so it’s worth setting up tools like this in advance. But that requires a little forethought or planning…

    Terry

  13. Danny

    Jose,
    If you are an I/S technician, it is a very useful tool that can save a tech from having to reimage your PC/Laptop.
    Sometimes, the computer is off of the domain and the password of the local administrator account is not known. This prevents the user and tech from getting into the pc/laptop.
    Most of the people who use this specific type of software will be techs and will not be used for malicious reasons.

  14. Danny

    Also, I have seen many times where the actual local Windows “Administrator” account gets locked-out.

  15. ani

    Great tool to work with, have to try.Thanks

  16. TomAmitai

    The iso already has the tables, there is no need to download them separately. I used the sfv file that came with the tables to verify that they are the same as those on the iso, as installed on a usb drive by the universal installer.

    One thing to note, the universal installer couldn’t see the iso when I browsed for it, so I had to cut and paste the name into the filename box.

  17. theunspoken

    I am an IT in the Navy, went out on a ship to assist them for a deployment. Brought my Hiren’s disk, I have gotten numerous uses out of it already. Great tools to have around and like Terry and a few others said, if you work as an IT, you have to plan for these kinds of things and be ready for pretty much anything.

    The Unspoken

  18. ngethsokunthea

    sent to me now

  19. jayanta dey

    Most of the time I forgot my password and it’s create problem….I think I got the solution…Thanks for sharing….

  20. A.F

    Hi! Will the user still has access to his ‘private data’ if his password is resetted(deleted)? I understand that they will not be able to access their encrypted EFS data if their password is reset.

  21. Manh Quan

    Hi, my problem is that my laptop has only one user as a administrator, so I can not go further than the login screen. How can Ophcrack work in my situation? I’m preparing all the needed stuffs on my friends’ laptop.
    Please help, thank you.

  22. GeedieZ

    There’s a simple way to protect your computer from such hacks. Enable password in BIOS, set to boot up only from HDD (delete CD and USB bootabole devices). Also, disable bios flashing while you’re there – this will prevent hacker from upgrading your BIOS and resetting password for it.

    Of course a hacker could just take out the CMOS battery and the password is gone but he would have to have a signifficatn amount of time to to that, and firstly – to realize that he has to use such methods. And the more time he thinks how to hack in to computer, the more time we have to chatch him ;)

  23. bigtimer30

    Hey i tried ophcarck and it does not work on Vista. Has any one used Trinity Rescue.

  24. john

    hi geek – i can’t get this thing to work on windows 7, 64 bit. when i try to download latest version its a bz2 file. the vista one won’t start up once the linux gui comes on. any ideas? thanks.

  25. martin

    ophcrack and trinity are the same its easier to just remove the password at next reboot using this software rather than trying to crack your password and no it never found my password on my win 7 x64 but allowed me to reset the password at reboot instead just make sure you are not using the xp tables

  26. Rylai

    A Windows Password Reset Disk could do all the job for you, it can reset your lost or forgotten Windows password safely and quickly without login, you can create a Windows password reset disk with the tool Windows Password Breaker, then reset your password. Its more easier.

  27. Younes

    @Merv
    The best way I know off to get your IPV6/Toredo is to reinstall your windows 7 in UPGRADE mode, from your running Windows. It’ll keep all your installed apps and settings but reverts back any changes done to Core Windows features.
    Save your Windows key so that you can reactivate it after.
    Good luck.

  28. Anonymous

    Isn’t this type of software illegal? Aren’t they worried about potential lawsuits? :-O

  29. Gib

    It isnt because it’s to be used for password recovery only I believe. It probably could be used for hacking but you would need direct access to the computer.

  30. David

    Sorry, this FAILS, really bad, against my 22 character password. It’s not as easy as it looks.
    You can reset my password, yes. But you can’t crack it.

  31. Borris

    that doesnt work instead of crack the password the screen gets black : ( my computer is slowlier than ever :(

  32. Borris

    .:W:.:T:.:F:.

  33. Roshan

    great……………………

  34. Hdind

    Good, ophcrack is a freeware, but sometimes it doesn’t work.

    So i used Windows Password Key. Saved me today. After many hours of installing and tweaking a brand new PC, something went wrong. I was not able to log into the only Administrator account I had, once the machine had been rebooted.

    I burned Windows Password Key to usb, followed the onscreen prompts and in a few minutes was back in the machine.

    What a lifesaver!

    It will become a permanent part of my toolset for fixing Winndows password problems.

  35. password recovery

    Forgot Windows password? it is your better choice to use SmartKey windows password recovery, an efficient and highly appreciated software which would reset the lost password in any Windows system quickly. In my eyes, It’s worth a try! GO TO its official site for more info

  36. ame

    i tried this but every time i go to extract the vista files they dont extract at all and i really wanna get into my old laptop

  37. Rakesh Gupta

    The easiest way and foolproof and free method to remove any password from any windows be it XP /Vista / Windows 7 is to use live RESCATUX LINUX CD or USB.
    Try it !
    It takes exactly 10 secs.You do not have to any thing.
    You will be amazed !

  38. Lozeek Hari

    hey,
    what kind of mind u have yar??
    my laptop’s password is blocked and U me to download something……
    just go to hell

Get Free Articles in Your Inbox!

Join 134,000 newsletter readers

Email:

Go check your email!