Nirsoft's Network Password Recovery is a free tool that supports Windows password recovery from the Windows Vault in Windows 7, Vista, and Windows XP.

Michael Pietroforte

Michael Pietroforte is the founder and editor in chief of 4sysops. He has more than 35 years of experience in IT management and system administration.

In my article about the Windows Vault I outlined why it is a security risk to store network passwords with Windows integrated functions on PCs. I think Nirsoft's Network Password Recovery is a perfect tool to demonstrate to Windows admins that the Windows Vault is not really a vault in the literal sense.

Network_Password_Recovery

Network Password Recovery is not a cracking tool; that is, it doesn't exploit any Windows vulnerabilities. Although all passwords in the Windows Vault are encrypted, they can be accessed easily if you know an administrator password for the corresponding computer. This is because, contrary to the cached domain logon function, Windows doesn't store the passwords as hashes but in clear text before it encrypts them.

The Windows Credential Manager does not support password recovery because passwords are hidden from users. I guess this is supposed to be a security feature. But I think it also lulls users and admins into a false sense of security.

According to Nirsoft, Network Password Recovery can recover the following passwords:

  • Login passwords of remote computers on your LAN
  • Passwords of mail accounts on Exchange servers (stored by Outlook 2003)
  • Passwords of MSN Messenger / Windows Messenger accounts
  • Internet Explorer 7.x and 8.x: passwords of password-protected Web sites ("Basic Authentication" or "Digest Access Authentication")
  • Passwords stored by Remote Desktop 6

Network Password Recovery can also be run from the command prompt and can save all passwords to a text or HTML file. I guess this is most useful for hackers who want to gain as many passwords as possible from a hacked network. However, this feature could also be helpful for administrators who want to disable stored network passwords. Before you delete all stored passwords in your network you can retrieve them with Network Password Recovery. If users who forgot their stored passwords start calling for help, you are prepared. Make sure to inform users before you run your script and also get the support of your management for this procedure.

Network Password Recovery ^

Are you an IT pro? Apply for membership!

Your question was not answered? Ask in the forum!

0
Share
Articles in series

Stored Windows Passwords

6 Comments
  1. Nawaz 10 years ago

    Panda Cloud Antivirus treated netpass.exe as trojan

    regs

    0

  2. Michael Pietroforte 10 years ago

    Navaz, thanks for the hint. Tools that mess with Windows passwords are often identified as malware by the heuristics algorithms of antivirus software. It appears the 64-bit version of netpass is not classified as suspicious by Panda. However, Avast5 doesn't like the tool either.

    0

  3. Dude 9 years ago

    I use the heaps and it works. Many of my clients lose their network keys or windows installation keys.

    But yes, it does come up as a virus. Zone Alarm keeps trying to delete it 😛

    0

  4. C N 9 years ago

    How do I download the Network Password Recovery tool ?

    0

  5. Michael Pietroforte 9 years ago

    C N, that is a very good question. I added the link now. Thanks!

    2+

  6. jimmy jandres 6 years ago

    I forgot network administrator password. I cant log into it. I get into windows 7 gui and into guest account. How can i recover it?

    1+

Leave a reply

Your email address will not be published. Required fields are marked *

*

© 4sysops 2006 - 2019

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account