Retrieve Passwords in Windows XP

While Microsoft no longer officially supports the operating system, there are still plenty of computers across the world that still run Windows XP. What happens when a user on one of these systems loses their password? There’s no way to retrieve a password that has been lost, but there are several ways to set a brand new password for any user on the system, even the administrative account.

Steps

Resetting a Password as an Administrator

  1. Log in as an administrator. Accounts that have administrative privileges can change any other user’s password. This will only work if you know the password for the administrator account (or another account with admin privileges.[1]
  2. Open the Start menu and click “Run.” A text box will appear.
  3. Type cmd into the text box and press Enter. This will open a command prompt window.
  4. Type net user [Username]*. For example, net user Wiki * (if “Wiki” is the account that needs a new password). Make sure there is a space between * and the username as shown, then press Enter.
  5. Type a new password, then press Enter. You’ll be asked to confirm the password by typing it again. Once the password is confirmed, it can be used to access the account.

Using a Windows XP CD

  1. Insert your Windows XP CD into your CD-ROM drive. This method will only work if you have a bootable Windows XP CD. If it’s an original Windows XP CD then it will be bootable. If it’s a burned CD, it may not be, but there’s no way to know unless you try.
  2. Reboot your computer. When the computer restarts, you’ll see a message that says “press any key to boot from disk.” Press a key on the keyboard.[2]
    • If the computer boots up without asking you to press a key, then the Windows XP CD you’re using isn’t bootable.
    • You can borrow Windows XP CD from someone (or have someone burn you a bootable copy). It doesn’t have to be the same CD that came with this version of Windows.
  3. Press the R key to “repair” your installation.
  4. Press Shift+F10 when the screen says “Installing Devices.” This will open a command prompt.
  5. Type NUSRMGR.CPL and then press Enter. This will open the User Account Control Panel, where you will be able to reset any password by selecting a user and adding a new password.

Booting into Safe Mode

  1. Restart the computer while tapping the F8 key repeatedly.
  2. Use the keys to highlight “Safe Mode with Command Prompt.” Press Enter to begin the boot process.
  3. Select the Administrator account. There is no password set by default, so this will work unless someone else has configured a special password for the Administrator account. In most cases, there will be no password.
  4. Type net user at the command prompt. Then press Enter. This will show a list of all of the accounts on the computer.[3].
  5. Select a user and change the password. Type net user Wiki 12345678 where “Wiki” is the name of the user with the missing password, and “12345678” is the password you choose. Press Enter to continue.
  6. Type shutdown –r to restart the computer. The computer will restart normally, and the user whose password you’ve changed will now be able to log in with their new password.

Booting from a Linux CD

  1. Boot the machine with a “live” version of Linux. Ubuntu is recommended by experts. [4] A “live” version allows you to Use and Install a Live CD of Linux Put the disk into your CD Rom drive and restart the computer. When prompted to “press any key to boot from CD,” press any key.
  2. Access the live Linux desktop. Depending on the version of Linux you’re using, you may be prompted to choose a version to use. Choose “Live” or “Try Linux” to access the Linux desktop.
  3. Press Ctrl+L. This will open the location bar.[5]
  4. Type computer:/// and press Enter. Make sure you type all 3 slashes (/). A list of hard drives will appear.
  5. Mount the Windows drive. Right-click on the hard drive that contains your Windows installation and select “Mount.” If there’s only one hard drive in the machine, it will be the drive that doesn’t say “System Reserved.”
  6. Double-click the Windows drive. Now look at the top of the screen where you previously typed computer:///. Write down (or copy) the full path that now appears in that window. You’ll need it in a minute.
  7. Press Ctrl+Alt+T to open the command prompt.[6] You’ll be entering a series of commands into this terminal window, and they are all case sensitive.
  8. Enter the Windows drive through the terminal. Type cd /path/to/windows/drive where “/path/to/windows/drive” is the full path that you previously wrote down or copied. Press Enter to continue.
  9. Type cd Windows/System32 and press Enter. Notice that there is no / in front of the word Windows. The directory names and path is case sensitive here.
  10. Install and run the “chntpw” tool. Type sudo apt-get install chntpw and press Enter to install. Once you are returned to the command prompt, type sudo chntpw –u username SAM. Replace the word “username” with the account name of the Windows user whose password you want to erase, and remember that everything is case-sensitive. Press Enter to show a list of options.
  11. Press 1 to clear the user’s password. Press Enter, then y to confirm that you want to erase the password.
  12. Reboot into Windows. Press the “power” icon at the top right of the screen to reboot the computer. Boot into Windows (don’t boot from the Linux CD). When the Windows login screen appears, you can now log in to the affected account without a password.

Accessing Files Without a Password by Putting the Hard Drive in Another PC

  1. Understand the process. Use this method if you’re unable to get the user’s password with other methods. This method won’t allow you to find or reset the password, but you can access the user’s files so that their data is not lost. You’ll need administrative access to another Windows computer for this to work.
  2. Remove the hard drive from the Windows XP computer with the missing password. With the computer turned off and unplugged, open the case and disconnect the hard drive.
  3. Put the hard drive into an external drive enclosure and connect it to the other PC. Alternatively you could open the second PC and install it.
  4. Boot the second PC and log in with its Administrator account. Because you’re logged in as an administrator and have the other hard drive connected to the computer, you now have access to everything on the other hard drive.
  5. Copy any data you need from the Windows XP hard drive to the second PC. Press Win+E to open the File Explorer.
    • The second hard drive will show under “Computer” or “This PC,” depending on the version of Windows you are using. Double-click this drive and navigate to the user’s files, which are located in C:\Windows\Documents and Settings\User, where “User” is the name of your user.
    • Press Win+E again to open a second instance of the File Explorer, which will make it simple to drag files from your user’s directory to the second computer. You can drag the files anywhere, including a flash drive.
  6. Put the drive back into the original computer. While you haven’t recovered the password, you’ve copied the user’s files so they haven’t lost any data.

Tips

  • Microsoft no longer supports Windows XP, which means there’s virtually no help available for the operating system. Upgrade to the latest version of Windows to be sure you can receive support when needed.
  • There are many software options that claim to help “hack” passwords. Only download from sites that you trust.

Warnings

  • Accessing a user’s files when you aren’t supposed to could get you into big trouble.

Related Articles

Sources and Citations