I was donated an older WinXP desktop by my dad, but it had multiple levels of password protection.
First, the Optiplex BIOS had the password set. After some mucking about, I discovered that the password reset jumper needed to be in "reset" position when booting the machine. It actually says "Password disabled" when you've done it right. Just moving the jumper with the machine off and/or unplugged doesn't do anything.
The BIOS user /boot password was also set, but didn't appear to affect anything.
The kicker was the Windows XP logins. My dad tried over a dozen user/password combinations, but none worked.
I had read about a method to reset XP passwords using the original installation CD-ROM and product key. It was a Dell, so it had the product key sticker on the case. But it looked like a time-consuming and cumbersome option.
There are also commercial options between $20 and $50, but there were enough solutions out there that I figured it wasn't that hard, and therefore not worth that much. I almost bit on the $20 one, but not quite.
Even Lifehacker had a rare information fail, as they let their "reset your password" thread devolve into blatant advertising and "fixes" that didn't work. (Don't get me wrong - the Gawker blogs shill a lot of stuff - but usually the commenters rein them in, to a degree anyway.) I actually tried the "safe mode" option, but this does not work, for reasons that are obvious in restrospect.
Oddly for me, About.com had the right answer with their list of 7 free Windows password recovery tools. I don't get much useful info from About, but maybe that is just me. I'll have to be more charitable towards them in the future.
The first entry, Ophcrack, is a free open-source live CD. It's trivial to use - burn, boot, select the "automatic" option and wait. That's it.
You obviously need the ability to burn the ISO to a CD, and the machine will obviously need a CD-ROM drive for this to work. I don't know if it is USB-able, but it seems there is an alternative, non-CD-based version there as well. There is also a Win7 version, which I didn't try.
The About author had it take 3-1/2 minutes, but it had all the passwords of relevance on my machine in about 2. They were relatively simple plain-word-plus-number combinations. But with this sort of performance it's hard to see how it could take longer than 15 min at the outside.
(Hell, run it overnight if you want to - I have no idea what the max time might be, but several hours should be enough to give a definitive pass or fail.)
Oh, and don't forget that the "admin" account in XP is "Administrator". It would not have made a difference for me, but if you're guessing, it helps to get the user name correct.
So rather than reinstalling XP, going through a complex process using the original CDs, or paying money, give Ophcrack a try. I want to say "worked like a charm", but that will make this review sound as meaningless and trite as all the others you will find. So I'll just say it worked well for me.
No comments:
Post a Comment