In order to protect user's private data and computer from be stolen or illegally invaded, Microsoft has been done a lot of experimentation and innovation on the security issue for the latest Windows 10 OS. In the Windows 10, it provides users with multiple password protection mechanisms,such as Microsoft Accounts, local accounts, Pin, face recognition and image passwords. But in fact, only local accounts are used most because people don't like the Microsoft online account. Individual users prefer to protect their computer with a set of complex passwords, because in their view, the more complex the password is, the safer your computer will be.
However, using complex passwords will often cause ourselves to forgot the login password. If your encounter such case and forgot local account's password, don't worry! There are still a chance for resetting forgotten password on Windows 10 without uninstalling system.
Table of Contents
- Part 1. Learn about Windows 10 Account Types
- Part 2. SAM - The File to Save Account and Password
- Part 3. Ways to Recover / Reset Forgottn Windows 10 Password
-
- 1) Ophcrack
- 2) WinPassGo (Recommend)
- 3) Hiren's Boot CD
- 4) Command Prompt
- Part 4. Comparison of Test Results
- Part 5. Reset Your Computer If Everything Fails
- Part 6. Suggestion
Part 1. Learn about Windows 10 Account Types
Microsoft account:
Microsoft account is a combination account which can be used to login Outlook, OneDrive, Windows phone or Xbox Live simultaneously. This account type was introduced in the Win 8 and Win 10. You're allowed to create a new Microsoft account or used current Microsoft account to login your computes running Windows 10 OS. Account configuration files are stored in the cloud (OneDrive)
Local Account:
Local account can be divided into two general categories: Administrator account and user account, it's account type that can directly login into Windows without network connection. and the Admin account has full control authority over the computer, it can be able to assign user permissions and access control privileges to the user in need. And the local account's password will be saved in the SAM file of the computer.
Pin code:
PIN is a new local security policy that added in the latest Windows 10 system, this feature makes the login faster and more convenient. You can set a PIN instead of the account password.
Windows Hello face recognition:
Face recognition is also a new features added in the Windows 10 system, which allows users to login Windows more securely and faster without typing the complex passwords. Windows Hello allows you to set up the login through facial recognition, fingerprint or iris scan instead of entering a PIN.
Picture password:
Picture Password is another new way to login windows 10, it's faster, smoother and supports user customization. Users can select the picture from the local and set a fixed gesture on the picture, then next time when you login system, just sliding on the picture.
Part 2. SAM - The File to Save Account and Password
After learning about the account types, it's necessary to understand how and where Windows stores the password and accounts. All account information is managed by the SAM file.
SAM is short for Security Account Manager, it's a database file in Windows that used to save all the account information of local users including administrator, you can use it to authenticate the local and remote users. But you can't view the content in SAM file directly as it's a encryption file, this is for prevent prohibited users from accessing the system.
Where can I find SAM?
Account's passwords are stored in the registry as a hash format (LM hash or NTLM hash). You can find the SAM file in multiple locations of a computer. This file can be found in %SystemRoot%/system32/config/SAM on hard drive C. However, when system is running, SAM folder will be locked to all accounts and only "system account" has the right to access SAM file.
The second way to find SAM file is to check registry of Windows. It can be found under HKEY_LOCAL_MACHINESAM. But this file is also locked to accounts including admin account, even you can find it but you may not be able to access it as it's as a hash format.
Now, we already know all the user passwords are stored in SAM file and it's a harsh format which can be directly open, so if there is any way to extract content from SAM file? Sure.. you will get answer from Part 3.
Part 3. Recover or Reset Forgotten Password on Windows 10
As we mentioned earlier, local account is still the most mainstream way to protect users computer, that's why so many people forgot their local administrator password. Based on users demands. We have fully investigated various types of Windows 10 password reset software on the market, including the free, paid, command line tools, linux tools, etc., then we found 80% of Windows password reset tools can't really reset or remove local account's password from Windows 10. Some of them have security risks, some requires you to purchase rainbow table to recover windows password that longer than 4 digits, and some perform "brute force cracking". They're not the Windows password reset tool in a real sense. In the actual testing process, only Ophcrack and WinPassGo can successfully reset password on Windows 10 password.
Ophcrack (68% success rate)
Ophrack is password recovery program that uses Rainbow table to crack LM hash of Windows, then guess the right password in the SAM file. This tool is currently one of the best free Windows 10 password recovery tools. This program is powerful and could recover Windows 10 lost password without requiring you to login your Windows. It provides the free Rainbow table that helps you recover 4 English parent passwords in as little as a few minutes, in our test, we can confirm it has 67% success rate in the free version. But if the password you want to recover the password that includes spaces, numbers, special characters and the length exceeds 4 digits, you need to purchase Rainbow table from Objectif Securite.
Let's see how it works. Speak the truth, it's very complicated!
Step 1. In order to properly use the Ophcrack tool, you need to download the Ophcrack ISO files on another working computer as you're locked out of your current PC.
Step 2. After downloading is complete, you need to burn ISO file to USB or DVD to make it bootable on your computer. There are many ISO burner tools out there like rufus, wonderISO or RMPrepUSB. you can choose one by yourself. After that, set your locked PC boot from USB in the BIOS.
Step 3. This step you need to download the Rainbow table, which is an indispensable part of recovering windows 10 password. You can download the free Rainbow table from the ophcrack official site. [http://ophcrack.sourceforge.net/tables.php], then unzip the file and save it into your USB drive. If your password contains numbers, special characters or your password is longer than 4 digits, then you need to purchase a Rainbow table.
Step 4. If your PC boots your USB/DVD/CD successfully, then Ophcrack will start loading, and you will see a menu list in the first interface. Here, you just need to select the first option: Ophcarck graphics mode. Ophcrack will continue to load and automatically try to recover the forgotten Windows 10 password. If the password found successfully , then it will be displayed in the list.
Views:
- 1) The edition of Ophcrack is out-dated, and it doesn't supports Windows 10 64 bit.
- 2) We used Ophcrack to recover three very simple Windows 10 passwords, and none of them were found.
- 3) You need to download the additional ISO burner software.
- 4) If your password contains numbers and special characters, or longer than 4 digits, then you will be forced to purchase Rainbow table.
WinPassGo (98% success rate)
The second Windows 10 password reset tool we'd like to recommend is WinPassGo tool, which is developed by SYSGeeker. It's a powerful, easy-to-use Windows password reset tools with high success rate, but unfortunately this software it's not free! This tool uses a totally different modes to reset Windows 10 lost password instead of "brute force cracking". You don't need to download additional ISO burning software, don't need to buy Rainbow table, just a USB or DVD/CD, it allows you to create a password reset disk that can be used unlimited times in the future. This tool can run in the WinPE environment, and searches for the SAM file automatically , then modify the SAM configuration file to achieve the purpose of password reset.
In our test, we found WinPassGo tool fully support all windows editions and severs. And nice user experience, easy to use, and is constantly updated. Very suitable for novice users.
Preparation:
- Another working computer (Windows or Mac)
- An USB flash drive with at least 4 GB, or a blank DVD/CD.
- WinPassGo installation file, download below.
Step 1. Similar to Ophcrack, you also need to download the WinPassGo tool on another working Windows or Mac computer. After the installation is complete, run it.
Step 2. Insert a USB or DVD/CD into your locked computer and click the "Burn" button to start creating the Windows password reset disk. Just wait a few minutes, and it will finish with showing messaegs "successfully".
Step 4. Plug your USB password reset disk into computer that has forgotten the password. You need to set your PC boot from USB drive or DVD/CD. Do it like this: Restart the computer, and repeatedly press the startup key: Del, F2, F12, F11 or Esc to enter the startup menu. Then choose to boot Windows from USB. Save the settings!
Step 4. When the WinPassGo program is successfully launched, it will show a whole software interface and all the account information will be displayed in the list as well as 4 options. Reset, Remove, Create Account and Delete Account.
Step 5. Select the account you want to reset or remove the password, and then click the corresponding option. If you want to reset Windows 10 password to a new one, then click "Reset Password" button, you will be asked to type a new password.
After password is reset successfully, click "Reboot" button to restart your Windows and take it effect!
Core Features:
- 4 options: Password Reset, Password Remove, Create Account and Delete Account.
- Compatible with all Windows system including the latest version of Windows 10.
- Support UEIF+MBR and UEFI+GPU boot mode.
- Support burning USB and DVD/CD
- The created password reset disk can be used Unlimitedly.
Hiren's Boot CD:(75% success rate)
Hiren's Boot CD is bootable disc with a collection of Windows and DOS tools, it's small, free, feature strong and widely applied in in many fields, including partition, cloning, data rescue, hardware testing, hard disk maintenance, DOS and Windows 10 password resetting, etc. But the only catch is that it's a command line-only utility that runs under Dos environment, it's not easy for the computer novices and wrong actions will lead to great risks.
Step 1. First of all, you need to download the Hirens Boot ISO file from its official site, then create a bootable disk using some ISO burner tools, like the way use the Ophcrack.
Step 2. After making a bootable disc, insert it to your locked PC and set it boot from your USB or DVD/CD in the boot menu of BIOS. Once the Hiren Boot CD loading successfully, you will see various of tool lists.
Step 3. In the list, you need to select "offline NT/2000/XP/Vista/7 Password Changer" and press Enter.
Step 4. Select the Windows partition and press Enter, then confirm the registry path Windows/System32 /config).
Step 5. Now, you can select the "Windows password reset" option, [SAM system security], and press Enter key.
Step 6. Select "Edit user data and passwords", and press Enter key, then type your username and press enter.
Step 7. Type 1, this will delete the password for your selected account, then type !, and press [Shift+1] to exit the menu. Then restart your computer and you will be able to login your system without password.
Views:
We've completely tested Hirens Boot CD on our 2 Windows 10 32-bit computer and it can really immediately delete Windows 10 local administrator password without occurring any errors. But we didn't succeed in the Windows 10 64-bit computer. In the testing process, what disgusts me most is that screen is full of command prompt, which makes me strain with every step, and it's easy to make mistakes, once you did wrong actions you will get an unknown and it will execute another functions.
Command Prompt (83% success rate)
The last method we will recommend is to use the command prompt tool to reset forgotten Windows 10 password. As the name suggests, it's a command line-only tool without providing graphical interfaces, but it's totally free. Using this method requires some computer skills and there is also a risk involved. But it obtains a high percentage of success in resetting forgotten Windows password, so, executing every command need to be cautious.
Step 1. We assumed that you have a Windows 10 installation disc, then insert it to your computer that forgot the password.
Step 2. Then set your PC boot from inserted disc. It will go to windows installation interface, just select "Troubleshoot". Or press "Shift+F10" key to launch the command prompt.
Step 3. Type the following command in the Window, this is for creating backup for seth.exe so that it can be restored easily.
Copy c:\ windows \ system32 \ sethc.exe c:\
Step 4. execute the following command and it will replace cmd.exe to seth.exe.
Copy / y c: \ windows \ system32 \ cmd.exe c:\ windows \ system32 \ sethc.exe
Step 5. Exit the command prompt and restart your computer and when you're on the Windows login screens, press the SHIFT key 5 times, then a command prompt dialog box will appear.
Step 6. Type the following command to start resetting admin password on Windows 10. Username is the one you want to reset password for and the password is your new password.
net user username password
Step 7. Exit the command prompt, now you can login your Windows 10 with the newly set password. But to protect others from resetting your password, you need to revert the previous changes. Follow the procedure described earlier until step 3. In the command prompt window, type the following command:
copy/ y c:\ sethc.exe c:\ windows \ system32 \ sethc.exe
Step 8. Press Enter to start your computer and in the login screen, also press the Shift 5 times, this will open "sticky keys" instead of the command line. Click the "OK" button. You can restore sethc.exe.
Views:
- Although it has high success rate but i don’t like it, it’s really complex and not use-friendly as it has no graphical interfaces.
- You have to prepare a Windows 10 installation disc, however, most of people don’t have this.
- If you’re a computer novice then give up this method because it’s too risky.
Part 4. Comparison of Test Results
According to the test, These methods have their own advantages and disadvantages, please see the comparison below.
Test environment and equipment:
- 2 HP computers running Windows 10 (64-bit), 1 Dell Computer running Windows 10 (32-bit).
- 1 Lenovo laptop running Windows 7 (64-bit), XP computer.
- 3 USB drives (Kingston, SanDisk, Toshiba), 2 DVDs, and 1 CD.
| Items |
||||
|---|---|---|---|---|
ISO File |
Additional download | Not required | Additional download | Not required |
ISO Writing |
USB/CD | USB/CD/DVD/Pen Drive, External Hard Drive, SD | CD | Windows installation disc |
Account Type |
Local Account | Local Admin, User, Guest, Microsoft, Pin and server. | Local account | Local admin account |
Support OS |
Windows 7/XP/Vsita | Win 10/8/8.1/7/XP/Vsita/Servers | Windows 10/8/8.1/7/XP | Windows 10/8/8.1/7/XP |
Difficulty |
Medium Difficulty | very Easy (GUI) | High difficulty( No GUI) | High difficulty( No GUI) |
Cost |
Need to buy a Rainbow table | Free trial, lifetime use, free upgrade | Free | Free |
Success Rate |
68% | 98% | 72% | 83% |
What's more, we've also tested some other free Windows 10 password reset tools like Cain & Abel, Trinity Rescue Kit, John the Ripper,.etc. All of them are command line-only tools based on Linux and use "brute force attack" to recover lost Windows password, which is not very friendly and would be relatively time-consuming. So, we didn't consider to test them in the article.
Part 5. Reset Your Computer If Everything Fails
If all attempts above failed to reset Windows 10 forgotten password then you have to perform the last method - Reset Your Windows, this would be the last choice made under extraordinary circumstances. But notice that resetting Windows will erase all of your data, so make sure there is no any important files on your computer.
See how to reset Windows 10 system.
Step 1. When you're on the sign-screen, just hold the Shift key while you click the Power button > Restart in the lower-right corner of the screen.
Step 2. Your PC will restart in Windows Recovery Environment (WinRE) environment.
Step 3. From the option screen, choose Troubleshoot > Reset this PC, then select Remove everything!
Part 6. Suggestion
You know, it will be relatively difficult to reset forgotten local admin password on Windows 10 if you don't have a password reset disk. The "Command Prompt" method is for educational purposes only, and it will cause the data lost or system crashes if you make any mistakes, so you're at your own risk if you try this method. You can also call the Microsoft support center to get the instructions on resetting your forgotten Windows 10 password. But if you're a computer novice, we suggest you to try WinPassGo tool to resetting a forgotten Windows 10 password as it's the easiest, effective, and safe way.
1. Once you access your system, you should create a Windows password reset disk in the first place in case you forgot the password again in the future.
2. Write down your new password on a paper, phone memo.
3. Change the way to login your Windows, you can use Microsoft account, Pin or face recognition.
Post to Windows Topic
