For security reason, the local administrator account is disabled by default in both Windows 7 and Windows 8. The first user you set up during the pre-configuration is granted local admin rights automatically, acting as the local admin to the machine. In most cases, this is your only key to gain access to the machine, unless you joined a corporate network domain or have created other accounts that are also granted the local admin rights. If you lost that account’s password, which does happen from time to time, you actually lost the key to access your computer.
When it does happen, here is what you can do to recover, more specifically, to reset your password to re-gain access to your computers.
If you are using Microsoft Account on Windows 8
Things are much easier. All you need to do is to head over to Microsoft Account Recovery page, and follow the instruction there.
Also check my previous post “How to deal with ‘Your PC is Offline’ in Windows 8” for more details.
If you are not using Microsoft account, or on Windows 7
Here are two great tools for you. Both work on pretty much all Windows version, from NT and above.
Lazesoft Recover my Password
It provides an easy-to-follow GUI to make this more technical work much easier. You simply
- Download the setup package from Lazesoft Download Page.
- Create a bootable media on CD/USB/ISO. With ISO file, you can recover your password on a virtual machine without creating a bootable media.
- And use this media to boot your machine.
- Follow the instruction on the screen, select the account from the list, and reset the password.
Lazesoft’s Recover My Password is free only for home use. If you are planning on using it in a commercial environment, you will have to either pay for the license, or try the next tool which is completely free.
Also it’s worth noting that this tool recovers not only your password but your windows product keys as well.
Offline NT Password & Registry Editor
This utility has been around for a very long time. It’s basically a live CD that boots off from a Linux disc, loads up the Windows system drive, and hacks into the file that hosts the credential database and reset your account’s password from there. It’s not intuitive as Lazesoft’s recover my password but it’s free and does get the job done. There is a complete walk-through you can follow.
If you ever need to reset password for local administrator account, make sure you enable it first before resetting its password. As I mentioned earlier, it’s disabled by default.
So why reset but not true recover?
In short, the encryption used to encrypt the password in Windows is one-way hash algorithm that cannot be decrypted. I am not going to explain in details about this but this is a common practice in any system that needs to store passwords. That means, if you’ve seen a website that sends you back your password when asked to retrieve your lost password, you are using a service that doesn’t treat your password seriously enough. Stay away from them.