For security reason, the local administrator account is disabled by default in both Windows 7 and Windows 8. The first user you set up during the pre-configuration is granted local admin rights automatically acting as the local admin to the machine. In most cases, this is your only key to gain access to the machine, unless you joined a corporate network domain or have created other accounts that also have the local admin rights. If you lost its password, which does happen from time to time, you actually lost the key to access your computer.
When it does happen, here is what you can do to recover.
If you are using Microsoft Account on Windows 8
Things are much easier. All you need to do is to head over to Microsoft Account Recovery page, and follow the instruction there.
Also check my previous post “How to deal with ‘Your PC is Offline’ in Windows 8″ for more details.
If you are not using Microsoft account, or on Windows 7
Here are two great tools for you. Both work on pretty much all Windows version, from NT and above.
Lazesoft Recover my Password
It provides an easy-to-follow GUI to make this more technical work much easier. You simply
- Download the setup package from Lazesoft Download Page.
- Create a bootable media on CD/USB/ISO. With ISO file, you can recover your password on a virtual machine without creating a bootable media.
- And use this media to boot your machine.
- Follow the instruction on the screen, select the account from the list, and reset the password.
Lazesoft’s Recover My Password is free only for home use. If you are planning on using it in a commercial environment, you will have to either pay for the license, or try the next tool which is completely free.
Also it’s worth noting that this tool recovers not only your password but your windows product keys as well.
Offline NT Password & Registry Editor
This utility has been around for a long time. It basically boots off from a Linux disc and loads up the Windows system drive, hack into the file that hosts the credential database and reset your account’s password from there. It’s not intuitive as Lazesoft’s recover my password but it’s free and does get the job done. There is a complete walk-through you can follow.
If you ever need to reset password for local administrator account, make sure you enable it first before resetting its password. As I mentioned earlier, it’s disabled by default.
So why reset or true recover?
In short, the encryption used to encrypt the password in Windows is one-way hash algorithm that cannot be decrypted. I am not going to details about this but this is a common practice in any system that needs to store passwords. That means, if you’ve seen a website that sends you back your password, instead of resetting it with a new one, when you hit that “forget my password” link, you are using a service that doesn’t treat your password seriously enough. They are not following the common practice to properly encrypt your password, or maybe not encrypted at all. Stay away from them.