ntpasswd (Offline NT Password & Registry Eidtor) is a free and easy-to-use tool that allows you to reset a Windows 8.1 password on a computer where you forgot your password.
Profile gravatar of Michael Pietroforte

Michael Pietroforte

Michael Pietroforte is the founder and editor of 4sysops. He is a Microsoft Most Valuable Professional (MVP) with more than 30 years of experience in IT management and system administration.
Profile gravatar of Michael Pietroforte

I used ntpasswd for the first time on a Windows 2000 computer about 13 years ago, when I tried to crack Microsoft’s new Encrypting File System (EFS) for a review for a German magazine. To my amazement, it took me only a few minutes to reset the administrator password and access the EFS files. Microsoft soon fixed the EFS vulnerability, but resetting the password still works on the latest Microsoft OS Windows 8.1 Update. You can’t really blame Microsoft for this, because anything is doable whenever you can boot from a second OS and access an unencrypted Windows installation.

You can’t set a new password with ntpasswd, but you can easily set a blank password on any account. Most admins will be able to use the tool without any instructions. The step-by-step guide below should work for Windows XP, Windows Vista, Windows 7, Windows 8, and Windows 8.1 with Update.

  1. After you download ntpasswd, you have to burn it on a DVD by right-clicking the ISO file. If you have an older Windows version that doesn’t support ISO burning, you can use the free ISO Recorder. If you don’t have an optical drive and you want to boot from a flash drive, you can use the free tool Rufus.
    Burn disc image
  2. Next, you have to ensure that the DVD or flash drive comes before the system drive in the boot order of your BIOS settings. Most PCs allow you to access the PC setup by pressing F2 right after you turn the PC on.
    Boot order
  3. After you boot ntpasswd, you should see the following screen. If you have more than one Windows installation on the computer, be sure to choose the correct one.
    Start screen
  4. On the next screen, you can just press Enter to start the password reset process.
    Password reset
  5. Press Enter to select “Edit user data and passwords.”
    Edit user data and passwords
  6. Choose the user account where you want to reset the password. You can find the RID, which you have to enter now, to the left of the username.
    Select user
  7. You can now quit editing the user.
    Quit editing user
  8. Next, quit editing the SAM database.
    Quit
  9. On the next screen, confirm that you want to write back the changes by typing “y”.
    About to write files back
  10. You are now done editing the SAM database. Just press Enter.
    Edit complete
  11. The password reset process is now completed. Reboot your computer by pressing CTRL-ALT-DEL.
    End of scripts

This wasn’t difficult, right? If you are worried that someone might use ntpasswd or a similar tool, such as Trinity Rescue Kit, to get admin access to one of the computers in your network, you should read my next post, where I will explain what you can do to prevent such password reset hacks.

Take part in our competition and win $100!

Share
0

21 Comments
  1. avatar
    Alireza sheykh (Iran) 2 years ago

    Tanks a lot.

    1+
  2. Profile gravatar of Michael Pietroforte
    Michael Pietroforte 2 years ago

    You are welcome. 🙂

    0
  3. avatar
    kammas 2 years ago

    I got a problem with this method.i ts bootin fine from the usb my laptop inspiron 15 with win 8.1 but it says that the pc is hibernated...after some research i found out that it was caused from fast starup option wich was checked.i tried to uncheck but i am not admin and it failed.any solutions?

    0
  4. avatar
    KostasV 2 years ago

    It works fine for me but when i log in to my account i see that every password i 've saved such as gmail etc was blank and i need to write them again.

    0
  5. avatar
    Victor 2 years ago

    This method does not work because the system is hybernated and the only way to restart un hibernated is to log in which you can't do because you can't log in.

    0
  6. avatar
    eric 2 years ago

    This doesn't work on an HP 19-2113w. The dingleberries at HP do all they can to prevent anyone from recovering any forgotten anything. To hell HP. Thanks anyway. eric21162@yahoo.com

    0
  7. avatar
    MelMat 1 year ago

    I couldn't log in after I joined a workgroup with Window8 Pro. I used your method to removed the password to the account. Now that I am logged in, everything is missing. None of the saved files, none of the program are not accessible. How do I get to those?

    0
  8. avatar
    sankaralingam 1 year ago

    does not boot from my   qube netbook 10.1  why?

    0
  9. Profile gravatar of Jesus Octavio Rodriguez de Santiago

    Excellent, but also with hirens boot we can to make this procedure 😀 grettings since Mexico

    0
  10. avatar
    Leesa 1 year ago

    Will this tool work on Windows 10? Thank you! Leesa

    0
    • Profile gravatar of Michael Pietroforte Author

      Leesa, I didn't try it, but I guess it does work on Windows 10. However, if you have to reset a Windows 10 password, this procedure works for sure.

      0
  11. avatar
    Afsal 1 year ago

    excellent tool loved it michael. Thank you very much it saved my day.

    0
  12. avatar
    Deguzmaan 12 months ago

    i could Not just go beyond step 3. I pressed the Enter button but nothing would happen. Please help.

     

    Select [1] _    was the last thing.

    0
    • Profile gravatar of Michael Pietroforte Author
      Michael Pietroforte 12 months ago

      Seems the ntpasswd can't find your Windows installation. Maybe you try this, to reset your Windows password.

      0
      • avatar
        Deguzmaan 12 months ago

        Thanks for your reply. I have got Windows 8.1 on my PC. The suggested methods apparently works for windows 7 and below. I guess it is end of the road for me. Thank you once again.

        0
        • Profile gravatar of Michael Pietroforte Author
          Michael Pietroforte 12 months ago

          These password reset methods should work with any Windows version including Windows 8.1 and Windows 10.

          0
      • avatar
        Deguzmaan 12 months ago

        And again it found it.

        ----Possible windows installations found:

        1    sda2             476588MB    Windows/System32/config

        0
  13. avatar
    Joe 12 months ago

    Hello,

    Great tool. I have used this in the past, but first time on Win 8.1. I can't seem to get the OS to boot from USB stick.  Is there a way to boot in to "insecure mode" on the Surface Pro 2? I disabled Secure Boot, but still will not boot to USB.  Any advice?

    Thanks,
    Joe

    0
    • Profile gravatar of Michael Pietroforte Author
      Michael Pietroforte 12 months ago

      Joe, is there an option that allows you to disable UEFI Mode (enable legacy BIOS mode)? You also have to make sure that the boot order is configured correctly (USB should come first). Another option is to boot from Windows setup and follow the instructions here.

      0
  14. avatar
    blinx 11 months ago

    works....!!!!

    thanks sir.....

    0
  15. avatar
    sudhir 9 months ago

    it not working

    0

Leave a reply

Your email address will not be published. Required fields are marked *

*

CONTACT US

Please ask IT administration questions in the forum. Any other messages are welcome.

Sending
© 4sysops 2006 - 2017

Log in with your credentials

or    

Forgot your details?

Create Account