- Pip install Boto3 - Thu, Mar 24 2022
- Install Boto3 (AWS SDK for Python) in Visual Studio Code (VS Code) on Windows - Wed, Feb 23 2022
- Automatically mount an NVMe EBS volume in an EC2 Linux instance using fstab - Mon, Feb 21 2022
Update: I published a new guide that explains how to reset the Windows 8 administrator password without the need of any third-party tools.
Forgot the administrator password? There are many ways to access a Windows installation if you forgot the administrator password. Today I’ll show you another procedure to reset the Windows password by replacing the Sticky Keys application. This program allows you to use the function keys SHIFT, CTRL, ALT, or the Windows key by typing one key after the other instead of pressing them simultaneously with the second key. The main advantage of this password reset method is that you don't need third-party software; another plus is that it is easy to carry out because no Registry hack is required, as when you offline enable the built-in administrator.
Please note that resetting the password from an account other than the corresponding user account always means that the user loses the credentials stored in the Windows Vault, stored Internet Explorer passwords, and files that you encrypted with the Encrypting File System (EFS). Of course, if you have a backup of these credentials, you can restore them; likewise, if you have exported the private EFS key, you can import it again after you have reset the password.
Like with all other solutions that allow you to reset the Windows password without having an account on the corresponding computer, you have to boot from a second operating system and access the Windows installation while it is offline.
You can do this with a bootable Windows PE USB stick or by using Windows RE. You can start Windows RE by booting the Windows Vista or Windows 7 setup DVD and then selecting "Repair" instead of "Install Windows."
By the way, you can't use the Windows XP boot CD for this purpose because its Recovery Console will ask for a password for the offline installation. However, you can use a Vista or Windows 7 DVD to reset a forgotten Windows administrator password on Windows XP.
This works because Windows RE, which is based on Vista or Windows 7, will let you launch a command prompt with access to an offline installation without requiring a password.
To reset a forgotten administrator password, follow these steps: ^
- Boot from Windows PE or Windows RE and access the command prompt.
- Find the drive letter of the partition where Windows is installed. In Vista and Windows XP, it is usually C:, in Windows 7, it is D: in most cases because the first partition contains Startup Repair. To find the drive letter, type C: (or D:, respectively) and search for the Windows folder. Note that Windows PE (RE) usually resides on X:.
- Type the following command (replace "c:" with the correct drive letter if Windows is not located on C:):
copy c:\windows\system32\sethc.exe c:\
This creates a copy of sethc.exe to restore later. - Type this command to replace sethc.exe with cmd.exe:
copy /y c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe
Reboot your computer and start the Windows installation where you forgot the administrator password. - After you see the logon screen, press the SHIFT key five times.
- You should see a command prompt where you can enter the following command to reset the Windows password (see screenshot above):
net user your_user_name new_password
If you don't know your user name, just type net user to list the available user names. - You can now log on with the new password.
I recommend that you replace sethc.exe with the copy you stored in the root folder of your system drive in step 3. For this, you have to boot up again with Windows PE or RE because you can't replace system files while the Windows installation is online. Then you have to enter this command:
copy /y c:\sethc.exe c:\windows\system32\sethc.exe
I did everything right but when I tried to log in it says the user profile service service failed the logon. user profile cannot be loaded. please help me, idk what to do
pls what do I do
I saw user name {password : *} /ADD [options] [DOMAIN]
WHAT NEXT
Now that I'm do I need to revert it back in case of vulnerability scans, and if so, what are the commands to do so.
5 years ago
I described the procedure to revert the changes at the end of the article.
I've managed to reset password using slightly modified tecnique:
"pushd"-ed into offline system32 directory, renamed sethc.exe and made symbolic link to cmd.exe, like this:
pushd <offline_system_drive_letter>\windows\system32
move /y sethc.exe sethc.exe.bak
mklink sethc.exe cmd.exe
after password reset, rebooted into recovery environment (F8 boot menu), and
pushd <offline_system_drive_letter>\windows\system32
move /y sethc.exe.bak seth.exe
That's all, worked on windows 7 x64 installation
access is denied error.I cannot rename/copy/delete anything in the system32 folder.how do I change administrator privileges using cmd?thanks mike!
5 years ago
You either skipped step 1 or you are on the wrong drive.
Open the sticky keys cmd then type taskmgr command and then click file >Run new task>check administrator privileges checkbox>then in commandbar type cmd>preess enter
Any thoughts on Pogostick?
I apparently don't have a sethc.exe file in my System32 folder. Is it possible for this to have another name? Just for the record, the StickyKeys function works.
4 years ago
Maybe you are on the wrong drive and searched in the Windows PE folder.
I am pretty confused on how this works can't you just rename the file if you're logged into an (actual) administrator and it should work?
3 years ago
You can't modify files when you are logged on the the Windows installation that you want to change. That is why you have to change files after you boot up a second installation.
Dear Sir,
Very excellent way to bypass Administrative passwords using sticky notes trick. My problem is my administrative password is broken by my son only on our computers. So I want to prevent his ways of doing this using system32 folder and cmd.exe OR sethc.exe.
Kindly show me prevention of this my son's bravery.
3 years ago
Congrats for having a smart son. 😉 You have to encrypt the system drive with BitLocker.
Hi Michael,
I am not getting command prompt after hitting SHIFT key 5 times when going to windows login screen after restarting the system. Though I have followed all the steps. Can you pls help
Mine is windows 7 ultimate OS.
3 years ago
Hard to say what went wrong. You can try doing steps 1 and 2 and then compare the file sizes of cmd.exe and sethc.exe. If they differ, the copy procedure failed.
This literally fails at the first step. The command prompt loads files up but then just boots the laptop up, I cant intervene and input the steps mentioned.
I have access to a guest account but vsnt change anything within it 🙁 Due to admin rights etc
I'm so lost. Can anyone assist?
2 years ago
Hello Michael,
can you be more specific please? You say it fails at first step, which is a boot from WinPE.
What exactly doesnt work for you?