How to recover your Windows Administrator password

Easy password recovery


Most operating systems have restricted user accounts for everyday use and one administrator account that has full functionality, which is only used for system maintenance and software installation.

This makes for a more secure system, because malware on a restricted account can't cause nearly as much trouble.

Windows is usually run in admin mode, but if you're a security conscious person and you usually run a restricted account, there's a chance you could forget your admin password because it's so rarely used.

Ophcrack can help in this situation. All Windows passwords are encrypted for security purposes, so getting into an account where you've forgotten the password is nigh-on impossible without outside help. In order to recover your password, Ophcrack cracks your Windows passwords using a huge table of data (over 600MB).

However, it's OS specific, so if you want to recover Vista passwords, you'll need to download the table for that version of Windows.

A password saviour

Ophcrack comes in two handy flavours: a Windows version and a Live Disc variant that runs in the place of Windows. Each has advantages and disadvantages.

The Windows version enables you to store as many tables as you want and use them to recover passwords from almost any version of the OS.

The Ophcrack Live Disc is useful if you're completely locked out of your machine because it enables you to boot straight into the application and find that forgotten password without needing access to Windows itself. Burn just one disc and you'll always be able to get into Windows.

1. Get the password data

Ophcrack needs the encrypted password – its hash data – to decode it into the actual passphrase, so click Load > Local SAM.

Step 1

2. Activate the table

Now you need to select a rainbow table. Click Install and navigate to the right one. Ensure the table you need is activated with the green button.

Step 2

3. Crack the password

Click Crack to start the process, but be prepared to wait a bit. Eventually, the lost password should be displayed in the NT Pwd column.

Step 3

Article continues below