Offline NT Password & Registry Editor (v080526 - May 2008)
Petter Nordahl-Hagen has written a Windows NT/2000/XP/Vista offline password editor:
http://home.eunet.no/pnordahl/ntpasswd/
This is a utility to (re)set the password of any user that has a valid (local) account on your Windows NT/2000/XP/2003/Vista system, by modifying the encrypted password in the registry's SAM file.
You do not need to know the old password to set a new one.
It works offline, that is, you have to shutdown your computer and boot off a floppy disk or CD. The boot-disk includes stuff to access NTFS partitions and scripts to glue the whole thing together.
Works with syskey (no need to turn it off, but you can if you have lost the key)
Will detect and offer to unlock locked or disabled out user accounts!
Caution: If used on users that have EFS encrypted files, and the system is XP or later service packs on W2K, all encrypted files for that user will be UNREADABLE! and cannot be recovered unless you remember the old password again!
Download links:
cd080526.zip (~3MB) - Bootable CD image
bd080526.zip (~1.4M) - Bootdisk image
drivers1-080526.zip (~310K) - Disk drivers (mostly PATA/SATA)
drivers2-080526.zip (~1.2M) - Disk drivers (mostly SCSI)
To write these images to a floppy disk you'll need RawWrite2 which is included in the Bootdisk image download. To create the CD you just need to use your favorite CD burning program and burn the .ISO file to CD.
Support and Problems? Don't call me! Talk to the creator of this great tool. He also has a good FAQ set up covering most of the day-to-day questions. Read it right HERE
Author claims that this tool was successfully tested on NT 3.51, NT 4, Windows 2000 (except datacenter), Windows XP (all versions) and Window Server 2003. Notice that it is NOT compatible with Active Directory.
Need to change Windows NT/2000 Domain Admin password? This tool, however useful, will only reset the local administrator's password (e.g. the one found in the local computer's SAM). To reset a password of a domain administrator (or any other user for that matter) you must perform the routine that is described in the following page: Forgot the Administrator's Password? - Reset Domain Admin Password in Windows 2000 AD.
Note: The above trick will probably not work under Windows Server 2003 due to service account security changes. To work around these limitations please read the Forgot the Administrator's Password? - Reset Domain Admin Password in Windows Server 2003 AD page.