Reset password from another user account with administrator credentials

If you cannot log on to Windows by using a particular user account, but you can log on to another account that has administrative credentials, follow these steps on how to do the trick:

1. Log on to Windows by using an administrator account that has a password that you remember. You may need to start WinXP in safe mode.
2. Click Start, and then click Run.
3. In the Open box, type “control userpasswords2″, and then click OK.
4. Click the user account that you forgot the password for, and then click Reset Password.
5. Type a new password in both the New password and the Confirm new password boxes, and then click OK.

Administrator Password recover or reset Tips

John the Ripper password cracker

John the Ripper is a fast password cracker based on dictionary attack with a wordlist currently available for many flavors of Unix (11 are officially supported, not counting different architectures), Windows, DOS, BeOS, and OpenVMS. Its primary purpose is to detect weak Unix passwords. Besides several crypt(3) password hash types most commonly found on various Unix flavors, supported out of the box are Kerberos AFS and Windows NT/2000/XP/2003 LM hashes, plus several more with contributed patches.

Download link:

John the Ripper 1.7.0.1 for Windows

EBCD – Emergency Boot CD

EBCD is a bootable CD, intended for system recovery in the case of software or hardware faults. It is able to create backup copies of normally working system and restore system to saved state. It contains the best system software ever created, properly compiled and configured for the maximum efficient use. Features are such as copy files from unbootable volume, recover master boot record of HDD, recover deleted file, recover data from accidently formatted disk and floppy disk. EBCD also includes function to change password of any user, including administator of Windows NT/2000/XP OS without the need to know the old password.

Download link:

EBCD Lite 0.6.1
EBCD Pro 0.6.1

Both contains necessary NT password recovery feature.

Hack and Reset Windows NT 4.0 and Windows 2000 Administrator or Domain Admin Password with LOGON.SCR Trick

1. Logon or login to the Windows computer
   
   with any user account.
2. Navigate to %systemroot%\System32 in Windows Explorer. %systemroot% is your Windows installation folder, and normally located in \WINNT or \Windows (i.e. \WINNT\System32).
3. Save a copy of LOGON.SCR file, or simply rename the logon.scr file to something else. Just make sure that you remember where and what name is the backup copy.
4. Delete the original LOGON.SCR from the %systemroot%\System32 sub-folder after you have backed it up. The file should no longer exist if you rename it.

   Note: If you having problem to delete or rename LOGON.SCR, it may be due to permission settings. Try to take ownership of the LOGON.SCR (by right clicking on LOGON.SCR, then select Properties and go to the Security tab, then click on the Ownership. Click “Take Ownership” and then click Yes to the prompt message.), and give the Everyone group Full Control permissions (by right clicking on LOGON.SCR then select Properties, then go to Security tabs. Click on Add and browse to and add the Everyone group. Give Everyone Full Control and then click on OK.) You may need to install an alternate second copy of Windows on the machine to do so as detailed at the end of this article.

5. Copy and paste the CMD.EXE located in %systemroot%\System32 to create additional copy of CMD.EXE in the same directory, then rename the new copied file as LOGON.SCR. This will let the Windows NT or Windows 2000 to use CMD.EXE command prompt program as the screen saver that will be activated after computer idle for specific minutes.
6. Ensure that you activate the screen saver of the Windows.
7. Wait for the computer screen saver activation idle wait time timeout, so that Windows will load the unprotected DOS command prompt in the context of the local system account as if it’s the screen saver.
8. In the CMD command prompt that is opened, key in the following command to reset and change the administrator’s password:

   net user administrator newpassword

   And the user account for administrator will have the new password of newpassword (which you should change to your own password). With the syntax of net use user_name new_password, it can be used to reset or modify the password of other administrative user account’s passwords.

9. You can now log on to the administrator account with the new password. You may want to replace back the original LOGON.SCR that has been backed up or renamed.
10. You may want to delete the alternate installation of Windows, by deleting the installation folder or format the partition (if you install in different partition), and removing the second Windows entry in BOOT.INI file at the root. Use attrib -r -s -h c:\boot.ini to change and allow the boot.ini to be modified and viewed.

Disable Password Caching

As in Windows for Workgroups, when logging on to an NT Domain, it is preferable to disable password caching.
This allows for the single NT Domain login and eliminates the secondary Windows logon screen.
It also eliminates the possibility of the respective passwords to get out of sync.
To disable password caching on the workstation, a one-line addition to the registry needs to be made.
To make the change, create a ASCII text file called DISABLE.REG with the following lines:

REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]
"DisablePwdCaching"=dword:00000001

Open up a DOS box and type REGEDIT DISABLE.REG
You can also download the DISABLE.REG file.
If you need to re-enable password caching, download ENABLE.REG and repeat the process just with the different file name

Here is how to add any application to the menu when you right click on any Folder.
This could be useful if there is an app you always want available and don't want to go through the Start menu

1. Start Regedit
2. Go to HKEY_CLASSES_ROOT \ Folder \ shell
3. Add a key Name_of_Your_App
4. This can really be any label, just use one that makes sense to you
5. Give it a default value of Name_of_Your_App
6. Putting a & in front of a character will allow you to use the keyboard
7. Go to HKEY_CLASSES_ROOT \ Folder \ shell \ Name_of_Your_App
8. Add a key command
9. Give it a default value of the application you want to run
10. For example: c:\program files\internet explorer\iexplore.exe
11. Include the full path

Now when you right click on any folder, you can have access to that application
This will work for both Windows95 and NT 4.0

Removing Sound Events from Control Panel / Sounds

When you view what events you can assign sounds to from Control Panel / Sounds,
you cannot delete the events themselves. In order to do that:

1. Start Regedit
2. Go to HKEY_CURRENT_USER / AppEvents / Schemes / Apps
3. From here you can delete any items you don't want to show or no longer need.

Changing Exchange's Mailbox Location

When you create a mailbox in Exchange for e-mail, you specify the file where you want to mail to go.
You cannot change this in Exchange afterwards.

If you want to change the file name or location::

1. Start Regedit
2. Go to HKEY_CURRENT_USER \ Software \ Microsoft \ WindowsMessaging Subsystem \ Profiles
3. Go to the profile you want to change
4. Go to the section that has the file location for your mailbox (*.PST) file in the right hand panel
5. Make the change to file location or name
6. Restart Exchange