Unix and Linux network configuration. Multiple network interfaces. Bridged NICs. High-availability network configurations.


Reviews of latest Unix and Linux software. Helpful tips for application support admins. Automating application support.


Disk partitioning, filesystems, directories, and files. Volume management, logical volumes, HA filesystems. Backups and disaster recovery.


Distributed server monitoring. Server performance and capacity planning. Monitoring applications, network status and user activity.

Commands & Shells

Cool Unix shell commands and options. Command-line tools and application. Things every Unix sysadmin needs to know.

Home » Disaster Recovery

Resetting Admin Passwords on Windows

Submitted by on November 20, 2005 – 2:01 am One Comment

Resetting Local Administrator/User Passwords on Windows NT/2000/XP/2003
The following document explains how to change an unknown password for any local account (including Administrator) on a Windows NT/2000/XP/2003 system. Use this only for disaster recovery purposes.


1.Physical access to the Windows NT/2000/XP/2003 machine
2.CD or DVD drive


1.Download KNOPPIX v. 4.0 (or above) ISO file and burn it to a CD.1
2.Power up the Windows system (if it’s not already running), insert the KNOPPIX CD into the CD/DVD drive and reboot.
3.At the BIOS screen quickly press F2 (or F12) to go into the Setup. Make sure that CD/DVD drive is listed as a boot device and comes before any hard drives. Save the changes to BIOS and allow the system to reboot.
4.A graphical KNOPPIX screen will appear the “boot:” prompt. Just hit Enter or wait and the system will continue booting after a couple of minutes.
5.Once the KDE desktop is loaded, open the Konqueror browser (it might already be opened) and configure the HTTP proxy if necessary (in the browser click on Setup -> Konqueror Configuration -> Proxy and enter the proxy IP/DNS address and port number).2
6.Download the Debian chntpw program or use the copy on the USB memory stick (see footnote 2 below). Place the chntpw_.deb in /ramdisk
7.Open a terminal window and do su – root to /ramdisk and run the following commands:

alien -t  chntpw_.deb
tar xvzf chntpw_.tgz
mv ./usr/sbin/chntpw ./

9.Mount the Windows boot disk in read/write mode:

mount -t ntfs -v -o rw /dev/sda1 /mnt/sda1 3

10.To reset Windows passwords run the following commands:

cd /mnt/sda1/WINDOWS/system32/config4
/ramdisk/chntpw SAM

follow the system prompts to set a new Administrator password (you can enter * to remove the password altogether. 5
Answer “yes” to all chntpw prompts.
11.Unmount the Windows filesystem and reboot:

umount /mnt/sda1

12.Remove the CD-ROM when prompted and hit Enter to complete the reboot sequence.
13.As the system is rebooting, unplug the network cable.
14.On bootup Windows will attempt to scan the disk. Hit any key to cancel the scan or let the scan run to completion. If the scan started, do not attempt to interrupt it.
15.Login as Administrator on local machine (not domain) using your new password.
16.Connect network, if needed. Depending on the security policy, the Administrator password may eventually revert to its initial value. As Administrator you can prevent this.

* Microsoft, Windows and the Windows logo are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
Print Friendly, PDF & Email

One Comment »

  • slipknot0129 says:

    I forgot the administrator password on my pc, but i dont have a floppy drive on my pc and the cd drive is not working.How can i recover/ reset the admin password so i can use my pc again. I have windows xp.
    Can anyone help!!!

Leave a Reply

%d bloggers like this: