If
you’ve ever forgotten a password and none of the usual tricks work to
get you back into your Windows box, then a boot CD like Hiren is a must.
Of all the things that you can do with this boot disc none is as useful
as making admin accounts. What this means is that if you have physical
access to a machine then there is nothing to prevent you from gaining
administrative access.
You can download the ISO for Hiren at https://www.hirensbootcd.org/download.
This article presumes you already know how to create a boot disc from
and ISO image and can boot to it. If you’ve never used the Hiren Boot CD
before then do yourself a favour and try it. It is an indispensable tool
in any technician’s bag of tricks.
1) After booting the disc, select the mini XP option. Once your at
the desktop click on the wrench icon in the notification area and
navigate to Pass Renew. The path is: Passwords/Keys-Windows Login-
Password Renew.
2)
At the Pass Renew screen click on “Select Target” in the lower right.
Then browse to the Windows folder on the local hard drive.
3)
Click OK, then click on the “Create new Administrator user” option
under “Select a task” on the left of the screen. Then enter the username
and password you want to use for the new account. For this tutorial
we’ll use testadmin as the username. Then click the “Install” option
under “Select an (a) action” on the left.
4) You will see a pop-up stating that the creating the new user is “Done.” Go ahead and click “OK”
5)
Now there is one trick to this next step that you must do correctly.
DO NOT “X” OUT! You must click the “Quit” option under “Select an
action” to finish using the program and use the account just created. If
you simply click the “X” then the account will show up on the Welcome
screen but you won’t be able to logon. So make sure to click “Quit.”
Success!!!
That’s
all there is to it. Now you can eject the disc and reboot the machine.
If all has gone well you will see your new account and be able to logon.
Hiren’s Boot CD is among the best all purpose boot disc out there.
With a large amount of antivirus apps and a huge variety of other tech
tools there’s not much you can’t do with this disc. Honestly, I’ve tried
most of them out there and other than the Backtrack CD there simply is
no other disc I use.
Courtesy: Rome’s IT Guy - https://turbofuture.com/computers/Using-Hirens-Boot-CD-to-Create-Admin-Accounts
Tested on: NT 3.51, NT 4 (all versions and SPs), Windows 2000 (all versions & SPs), Windows XP (all versions, also SP2 and SP3), Windows Server 2003 (all SPs), Windows Vista 32 and 64 bit (SP1 also), Window 7 (all variants). Some also say that it works on Windows Server 2008 too.
If used on users that have EFS encrypted files, and the system is XP or Vista, all encrypted files for that user will be UNREADABLE! and cannot be recovered unless you remember the old password again. If you don’t know if you have encrypted files or not, you most likely don’t have them (except maybe on corporate systems).
Boot your computer with Hiren’s BootCD and follow the steps below for resetting your password:
1. Enter “Offline NT/2000/XP/Vista/7 Password Changer”
With Up & Down keys select Offline ‘NT/2000/XP/Vista/7 Password Changer’ and press Enter.
2. Wait for “Offline NT Password & Registry Editor” to Load
On the screen below, you’ll see is several lines of text that quickly run down the screen. You don’t need to do anything here. Wait for “Offline NT Password & Registry Editor” to load.
3. Choose the Correct Hard Drive Partition
This step in the Offline NT Password & Registry Editor process is to select the partition that contains the Windows installation that you want to delete a password from.
Many computers have a single operating system installed on a single partition on a single hard drive, making this a very easy choice.
If that’s the case for you, just press ENTER to accept the default partition. Otherwise, type the number corresponding to the correct partition from the Candidate Windows partitions found list and then press ENTER.
If more than one partition is listed and you’re not sure which one to pick, chances are the larger partition is the one with Windows installed.
Every Windows 7 PC will have more than one partition listed.
4. Confirm the Windows Registry Path
Offline NT Password & Registry Editor now needs to know the exact location of the Windows Registry. Except in the rarest of occasions, the default location will be the correct one.
Just Press ENTER to accept the default Windows Registry path without writing anything else.
5. Choose the Password Reset Option
Offline NT Password & Registry Editor is now asking which part of the registry it should load.
Press ENTER to accept the default choice of Password reset.
The Offline NT Password & Registry Editor tool can perform various functions aside from resetting passwords but since that’s the focus of this particular walkthrough, that’s all we’ll discuss.
6. Choose the Edit User Data and Passwords Option
Now that the registry is loaded and available to the program, Offline NT Password & Registry Editor needs to know exactly what you want to do.
Press ENTER to accept the default choice of Edit user data and passwords.
This will load the necessary options for the actual password reset.
7. Enter the Username to Edit
Offline NT Password & Registry Editor now needs to know which user’s password you’d like to delete (erase, clear, blank, remove, call it what you like).
A default user is listed between the brackets at the prompt. In the above example, you can see that it’s the Administrator user.
If the default user is the user you’d like to remove the password from, simply press ENTER. Otherwise, enter the username and then press ENTER.
8. Type 1 to Clear (blank) user password and then press ENTER
At the bottom of the screen you’ll see the User Edit Menu with several options to choose from.
Type 1 for Clear (blank) user password and then press ENTER.
Offline NT Password & Registry Editor shows some interesting information about the username you entered in the last step – the full name, what groups the user belongs to, how many failed login attempts have taken place, how many total logins have been completed, and more.
If you see a check in the “Passwd not req.” box, this means that a password is not a requirement for this particular user. It does not mean that a password is not required to access the account in Windows. In other words, it’s saying that it is possible to erase this user’s password.
9. Type ! to quit the User Edit Tool
Assuming there weren’t any problems, you should see a Password cleared! message after entering 1 in the previous step.
Type ! to quit editing user and then press ENTER.
You must confirm these changes in a later step before they are actually complete. If you quit Offline NT Password & Registry Editor now then the password reset will not take place!
10. Type q to Quit Offline NT Password & Registry Editor
Enter q and then press ENTER to quit the Offline NT Password & Registry Editor registry editing tool.
Important: You’re still not done! You need to confirm your password reset change in the next step before it will take effect.
11. Type y and then press ENTER to confirm Password Reset Changes
At the Step FOUR: Writing back changes menu, Offline NT Password & Registry Editor asks if you want to write file(s) back.
Type y and then press ENTER.
You should see an EDIT COMPLETE message appear on screen. If you do, it means that Offline NT Password & Registry Editor has written the password changes to your computer!
12. Confirm That You’re Finished Using Offline NT Password & Registry Editor
Offline NT Password & Registry Editor gives you an option here to rerun the program. If you’ve been following along with this guide and everything seems to have worked properly then there’s little reason to repeat anything.
Press ENTER to confirm the default option of not rerunning the password reset.
13. Remove Hiren’s BootCD and Restart the Computer
That’s it! You’ve just completed the entire Offline NT Password & Registry Editor password removal process.
Remove Hiren’s BootCD from your CD/DVD drive and then manually reset your computer.Note: If you receive a “job control turned off” or a “can’t access tty” error, don’t worry. As long as the EDIT COMPLETE confirmation message was posted to the screen after you confirmed the password reset changes then your password was successfully reset. You should still be able to see the confirmation on the screen at this point.
In the next step, you’ll finally get to logon to Windows without entering a password!
Now that your password has been removed using Offline NT Password & Registry Editor, no password is required to log on to Windows.
If you are the only user on your computer, Windows will boot all the way to the desktop on the next reboot and will skip the logon screen altogether.
If you’re on a multi-user computer (as many families are), the logon screen will still appear after starting Windows but when you click on the user that had the password removed, you will not be prompted for a password and will instead enter Windows automatically.
Having a secure password is important so please don’t continue to use Windows without one. As soon as you’ve gained access to your computer again, configure a new password – one you can remember a little easier!