how to Remove a windows password with a linux live CD - DroidVilla Tech

We bring the best out of your mobile device.
#1 Tips and Tricks
Home ¦ Tips/Tricks ¦ Android ¦ Applications
Advertise¦ update



how to Remove a windows password with a linux live CD


Preety sure I'm not the only one who has experienced password loss—that moment where you just can't remember your password.

So, how can we get into the system without paying a local geek or geek squad to do it?

🔰 First, we have to look into how Windows stores their passwords.

When Windows saves your user passwords, it stores them in a SAM file. It stores users' passwords in a hashed format (in LM hash and NTLM hash).

Since a hash function is one-way, this provides some measure of security for the storage of the passwords. However, this can still be bruteforced.

Some time ago there was an exploit that allowed you to delete the SAM file and log into any account without a password. This is fixed, since Windows no longer allows access to the SAM file while Windows is running. For this we are going to use a Linux Live CD to remove a Windows password using the chntpw tool.


  • BackTrack 5 on a DVD, or a Linux install with chntpw
  • A password on a Windows installation


Text in bold is a terminal command.

1.Put the disc in your computer.

2.Hit the setup button.

3.Change CD/DVD to be first on the boot order.

4.Exit the setup and save your settings.

5.When you get to the console, boot with;
 user:root password:toor.
6.Boot into the KDE desktop environment:
7.Open a terminal.


Now we have to mount the Windows drive partition to modify the password, or remove it completely.

First, we have to mount the hard drive partition that the Windows installation is located on..
    mount /dev/sda1 /mnt/

2.Change to the directory that the SAM file is in so that we can prepare to modify its contents.
    cd /mnt//Windows/System32/config

3.List the users on the computer contained in the SAM file.
  chntpw -l SAM

4.Change a specific user account password.
    chntpw -u USERNAME SAM

5.Now, lets unmount the drive and boot from Windows to use the updated or cleared password😁.
    umount /dev/sda1

Now you are done!

No comments:

We love ♥ comments, your comment is important to us

Powered by Blogger.

🔔Jamalife helpers global: Why you should join now
👨How to get upto 100% off shipping fee on Jumia
📣Advertise with us

We try as much as possible to do away with copyrights contents. Do feel free to reach out to us if you think we are found wanting [email protected]

Copyright © 2018-2019 Droidvilla Tech Designed with 💖 by Nnoka Godswill