Reset Lost Windows Password without Reset Disk

The easiest way to reset a forgotten Windows password is to use a previously created password reset disk. But most people, including me, don’t plan ahead for losing passwords. If you haven’t created such a reset disk, don’t worry! Here is a simple way to reset a lost Windows 10, 8, 7 or Vista password with the Utilman.exe trick.

How It Works

Windows displays an Ease of Access button at the bottom left corner of the login screen. When clicked, this button opens the Utilman.exe program, allowing you to start accessibility utilities.

If you replace the Utilman.exe file with cmd.exe, you can then launch the Command Prompt from the Windows login screen, and type the net user command to reset a forgotten user password easily!

Reset Lost Windows Password

Here you might ask: how do I replace the Utilman.exe file when I am completely locked out of my computer? Well, this can be done from a bootable Windows PE USB drive or by using a Windows installation DVD. Here are the step-by-step instructions on how to reset a forgotten Windows password with an install DVD:

  1. Boot your computer using your Windows installation disc. Once the message “Press any key to boot from CD…..” appears, press Enter to continue.
  2. When you get to the “Windows Setup” or “Install Windows” screen, press the Shift + F10 key combination to launch the Command Prompt.

  3. Type these commands, one by one, and press Enter after each. This will make a backup of Utilman.exe, and replace Utilman.exe with cmd.exe.

    replace-utilman

  4. Now close the Command Prompt, and cancel the Windows Setup. Eject the installation disc and reboot your computer.

  5. There’s nothing to do here but wait for your computer to restart. When the Windows login screen appears, click on the Ease of Access button, a little icon on the bottom-left of your screen.

  6. Based on the commands that we used in the previous step, this will open a Command Prompt window instead of the Ease of Access menu. To reset an existing user password, we need to type the command below. In this example, we will be changing Tom’s password to “123”.

    reset-windows-password

  7. Exit the Command Prompt. You should be able to log in with this new password straight away. That’s it – you have successfully reset your lost Windows password.

Why Wireless Network Security and Encryption Matter

Recently there seems to be a never-ending stream of information leaks percolating through the news. Several states mandate that wireless networks implement encryption, and the Federal government is looking at forcing companies to disclose information leaks to affected customers. Of course, any information leak or unauthorized access to sensitive data on a personal or, even worse, business network may present a myriad of liability issues.

Wireless networks are often targeted, and most of them are not up to the standard of security that is publicly available. Using no encryption leaves your network immediately open to attack. This means any third party can connect to your network, discover resources like shared files or computers that are vulnerable, and gain access. There is not much, if any, legal protection afforded in this situation, as the network is open.

WEP (Wired Equivalent Privacy) is an older standard that for its time was certainly better than no encryption, but these days it is not much more secure than leaving the network wide open. The reason is that there are several fundamental flaws in the WEP algorithm that leave your network vulnerable, including, but not limited to:

  1. Passive attacks to decrypt traffic
  2. Active attacks to inject new traffic from unauthorized nodes
  3. Active attacks to decrypt traffic based on fooling the AP (access point)
  4. Dictionary-based attacks that may take some time, but allow full decryption of all network traffic

These attacks are simple to configure and can be implemented with off-the-shelf equipment, including many standard laptop configurations. Furthermore, WEP uses RC4 encryption, a weaker and older form of stream-based encryption that is easy for attackers to exploit because of its vulnerable key exchange mechanism and the lower-grade cipher used.

Many routers are set up to use WEP encryption, even those supplied by Internet providers. If you are using WEP (or no encryption at all), it’s best to consider using WPA2 with AES encryption. This is the highest publicly available wireless encryption standard. If your router or wireless card does not support this standard, now would be a good time to consider upgrading.
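
To find which saved networks on a Windows machine still use WEP or no encryption, the saved profiles can be exported with netsh wlan export profile and classified. This is an added example, not part of the original article; the function name and the three sample profiles are constructed, and the element names are those of the WLANProfile XML that netsh writes.

```powershell
# Added example: classify exported Wi-Fi profiles against the advice above
# (open or WEP should be replaced, WPA2 with AES is the recommended setting).
function Get-WlanProfileRisk {
    param([Parameter(Mandatory)][string[]]$ProfileXml)
    foreach ($text in $ProfileXml) {
        $doc  = [xml]$text
        # local-name() keeps the XPath independent of the profile's XML namespace.
        $name = $doc.SelectSingleNode("/*[local-name()='WLANProfile']/*[local-name()='name']").InnerText
        $ae   = $doc.SelectSingleNode("//*[local-name()='authEncryption']")
        $auth = $ae.SelectSingleNode("*[local-name()='authentication']").InnerText
        $enc  = $ae.SelectSingleNode("*[local-name()='encryption']").InnerText

        $risk = 'Review: not WPA2 with AES'
        if ($enc -eq 'none') { $risk = 'Open: no encryption' }
        elseif ($enc -eq 'WEP') { $risk = 'WEP: replace with WPA2/AES' }
        elseif ($auth -like 'WPA2*' -and $enc -eq 'AES') { $risk = 'OK: WPA2 with AES' }

        [pscustomobject]@{ Profile = $name; Authentication = $auth; Encryption = $enc; Risk = $risk }
    }
}

# Constructed sample profiles (trimmed to the elements the function reads).
$template = '<WLANProfile xmlns="http://www.microsoft.com/networking/WLAN/profile/v1">' +
            '<name>{0}</name><MSM><security><authEncryption>' +
            '<authentication>{1}</authentication><encryption>{2}</encryption>' +
            '</authEncryption></security></MSM></WLANProfile>'
$samples = @(
    ($template -f 'CafeGuest', 'open',    'none'),
    ($template -f 'OldRouter', 'open',    'WEP'),
    ($template -f 'HomeNet',   'WPA2PSK', 'AES')
)

Get-WlanProfileRisk -ProfileXml $samples | Format-Table -AutoSize
```

For real data, export the profiles to a folder and pass each file's content read with Get-Content -Raw to the function.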

Reset Windows 2000 Administrator Password with LOGON.SCR Trick

Forgot your administrator password? If you’re using Windows NT 4.0 or some version of Windows 2000, you can reset the administrator account password with a simple trick that involves the default screen saver, as an alternative to third-party password recovery systems or apps such as Login Recovery. With the logon.scr password reset method, users can reset the admin account password without knowing or remembering the existing password. The trick won’t reveal or recover the existing password, nor will it work on newer Windows operating systems such as Windows XP, Windows 2003 Server, or Windows Vista, which have tighter security and privilege limitations.

To reset the local administrator’s password on Windows NT and Windows 2000 (only on some versions, so you have to try your luck), or domain admin password on a Domain Controller (DC) running on Windows NT or Windows 2000, follow these steps:

  1. Log on to the Windows computer with any user account.
  2. Navigate to %systemroot%\System32 in Windows Explorer. %systemroot% is your Windows installation folder, normally \WINNT or \Windows (i.e. \WINNT\System32).
  3. Save a copy of the LOGON.SCR file, or simply rename the logon.scr file to something else. Just make sure that you remember where the backup copy is and what it is named.
  4. Delete the original LOGON.SCR from the %systemroot%\System32 sub-folder after you have backed it up. The file will no longer exist there if you renamed it. Note: If you have a problem deleting or renaming LOGON.SCR, it may be due to permission settings. Try to take ownership of LOGON.SCR (right-click LOGON.SCR, select Properties, go to the Security tab, then click Ownership. Click “Take Ownership” and then click Yes at the prompt), and give the Everyone group Full Control permissions (right-click LOGON.SCR, select Properties, then go to the Security tab. Click Add, browse to and add the Everyone group, give Everyone Full Control, and then click OK). You may need to install an alternate second copy of Windows on the machine to do so, as detailed at the end of this article.
  5. Copy and paste the CMD.EXE located in %systemroot%\System32 to create an additional copy of CMD.EXE in the same directory, then rename the new copy to LOGON.SCR. This makes Windows NT or Windows 2000 use the CMD.EXE command prompt program as the screen saver, which is activated after the computer has been idle for a set number of minutes.
  6. Ensure that the Windows screen saver is activated.
  7. Wait for the screen saver idle timeout to elapse, so that Windows loads the unprotected command prompt in the context of the local system account as if it were the screen saver.
  8. In the CMD command prompt that opens, key in the following command to reset the administrator’s password: net user administrator newpassword. The administrator account will then have the new password newpassword (which you should change to your own password). With the syntax net user user_name new_password, the command can also be used to reset or modify the passwords of other administrative user accounts.
  9. You can now log on to the administrator account with the new password. You may want to put back the original LOGON.SCR that was backed up or renamed.
  10. You may want to delete the alternate installation of Windows by deleting the installation folder or formatting the partition (if you installed it on a different partition), and removing the second Windows entry in the BOOT.INI file at the root. Use attrib -r -s -h c:\boot.ini to allow boot.ini to be viewed and modified.

Unless you’re using a Windows NT 4.0 computer installed out-of-the-box, which sets NT’s default permissions for Everyone to Full Control, you will most likely have problems renaming, changing or deleting files located in the \Winnt\System32 or \Windows\System32 folders if you log in as a regular, non-administrative user, as a regular user cannot manipulate the files’ permissions.

In this case, install an alternate second copy of Windows NT or Windows 2000 (make sure it’s the same version as the existing OS for which you have forgotten the password). The new copy of Windows must be installed in a different directory/folder from the existing Windows, which is usually located in \WinNT or \Windows, or on another partition or drive. Alternatively, you can take out the hard drive (where you lost the admin password) and install it as a slave on another computer with any OS such as Windows XP or Windows 2000 installed. The purpose is to access the %systemroot%\System32 folder of the OS for which you have lost or forgotten the administrator password, and make the modifications specified above.

After installing the alternate copy of Windows, or installing the hard disk as a slave disk in another Windows computer, boot up the system with the alternate Windows. If you installed the second copy of Windows on the same machine, go to Control Panel -> System -> Startup (NT) or Control Panel -> System -> Advanced -> Startup and Recovery (W2K) and change the default boot instance back to your original instance of Windows. Then follow steps 2 to 4 above. When done, reboot the system into the original instance of Windows (if you moved the hard disk to another machine, put it back in the original computer now), and continue with the rest of the steps from step 5 onwards.
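
Both tricks on this page, the Utilman.exe replacement and the LOGON.SCR replacement, leave a copy of cmd.exe under a logon-screen file name, so an administrator can check a machine (or an offline-mounted disk) for that state. This is an added example, not code from the original article; the function name is hypothetical, and the demo files are constructed stand-ins in a scratch folder so the script runs without touching a real System32.

```powershell
# Added example: flag logon-screen binaries that are really a copy of cmd.exe.
function Test-LogonBinarySwap {
    param(
        # System32 folder of the installation to inspect (may be an offline-mounted volume).
        [string]$System32 = (Join-Path $env:SystemRoot 'System32'),
        [string[]]$Targets = @('Utilman.exe', 'logon.scr')
    )
    $cmdHash = (Get-FileHash -LiteralPath (Join-Path $System32 'cmd.exe') -Algorithm SHA256).Hash
    foreach ($name in $Targets) {
        $path = Join-Path $System32 $name
        if (-not (Test-Path -LiteralPath $path)) {
            [pscustomobject]@{ File = $name; Status = 'Missing'; OriginalFilename = $null }
            continue
        }
        $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
        # The version resource survives a rename, so a renamed cmd.exe from
        # another Windows build (different hash) still identifies itself here.
        $orig = (Get-Item -LiteralPath $path).VersionInfo.OriginalFilename

        $status = 'OK'
        if ($hash -eq $cmdHash) { $status = 'Swapped' }
        elseif ($orig -match '^cmd\.exe') { $status = 'Suspicious' }

        [pscustomobject]@{ File = $name; Status = $status; OriginalFilename = $orig }
    }
}

# Constructed demo: a scratch folder stands in for System32.
$demo = Join-Path ([IO.Path]::GetTempPath()) ('swapdemo_' + [guid]::NewGuid())
New-Item -ItemType Directory -Path $demo | Out-Null
Set-Content -LiteralPath (Join-Path $demo 'cmd.exe')   -Value 'constructed stand-in for cmd.exe'
Set-Content -LiteralPath (Join-Path $demo 'logon.scr') -Value 'constructed stand-in for logon.scr'
# Reproduce the end state of the trick: Utilman.exe is a copy of cmd.exe.
Copy-Item -LiteralPath (Join-Path $demo 'cmd.exe') -Destination (Join-Path $demo 'Utilman.exe')

Test-LogonBinarySwap -System32 $demo | Format-Table -AutoSize
Remove-Item -LiteralPath $demo -Recurse -Force
```

Run without -System32 on a live system to check the installed files; a Swapped or Suspicious result means the logon screen can start a command prompt without authentication and the original file should be restored.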