Collection of xp tips and trick

How to remove Syskey and Administrator password

In this tutorial we will remove Syskey start up password and reset the administrator password. Syskey is the additional layer of security. An average user barely implement it. Scammers take advantage of this tool to scam. Scammers usually contact computer owner identifying himself as a member of Microsoft support team. They will informs you that your PC have number of critical problems, those need to be fix immediately or your system will fail to work properly. They will convince you to allow them to connect system remotely and fix the issues. If you do make the mistake of letting them connect, they will ask you to pay $$$ for fix. If you refuse to pay, they will enacted SysKey encryption on the SAM registry hive.

In Window XP, Security Accounts Management (SAM) database stores hashed copies of user passwords. To keep the SAM database secure, Window requires that the password hashes are encrypted. SAM database is encrypted with a locally stored system key. SysKey utility can additionally secure the SAM database by moving the SAM database encryption key off the Windows-based computer. The SysKey utility can configure a start-up password that must be entered to decrypt the system key so that Windows can access the SAM database.

In this tutorial

  • How to set administrator password in Window XP
  • How to set syskey in window XP
  • How to remove Syskey startup password in window XP
  • How to reset administrator password in Window XP

How to set administrator password in Window XP

Administrator is the built in super user account in Window XP. Whenever you install XP, it automatically created. By default administrator account is not password protected, unless you make it during the installation. This account have privilege to access everything in computer. With this account you can change any password on that system. If you have purchased any branded computer like Sony, HCL, Dell, with pre XP installed, you would be able to login to computer with administrator account using blank password.

This account usually doesn't show up on the logon screen and average user don't know it exists. Usually user won't need to use computer under this account very often. You need this account in safe mode or at recovery console.

To set administrator account password Click Start button and Right click on My Computer, from context menu click Manage

start-manage

From left pane expend Local users and groups, Click Users.

In right pane, Right click Administrator, from context menu Click Set password

computer-manage

Click Proceed on alert message box

set-password-alert-message

Set password and Click OK

set-password-administrator

Click OK on confirmation message box

set-password-message-ok

We have protected administrator account with password to enhance the security of system.

How to set Syskey in window XP

To enable Syskey encryption, Click Start button and Click Run

start-run

In Run dialog box type Syskey and Click OK

run-box

From opened dialog box select Encryption Enabled option and Click Update. When this option is selected, Windows will always encrypt the SAM database.

encryption-enable

We have two options here Password Startup and System Generated Password, if you do not want to require a startup password use second option.

  1. Store Startup Key on Floppy Disk To store the system startup password on a floppy disk. This requires that someone insert the floppy disk to start the operating system. This provides the highest level of protection for the SAM database.
  2. Store Startup Key Locally To store the encryption key on the hard disk of the local computer. This is the default option.

Click Password Startup and set password and Click OK

password-startup

Click OK on success message We have successful setup the Syskey start up password.

syskey-success

Now we have set both password administrator and Syskey.

On next reboot you will get following message.

Startup Password

This computer is configured to require a password in order to start up. Please enter the Startup Password below.

start-up-password

Enter the Syskey password and try to access administrator account with blank password. This time you will get alert message

administrator-password-error

If you have done above procedure to enhance the security of system, congratulation you have now more secure computer than your colleagues.

But if a scammer has done this, you are in you are in lockout situation.

Very first thing user do in this situation is to call Microsoft or post thread on their support form for help. But it is useless as Microsoft Support Engineers do not help users to get forgotten or stolen password. You will ended up with following policy page

http://support.microsoft.com/kb/189126

Furthermore Microsoft ended support for Windows XP on April 8, 2014. Now you have limited choice to deal with this situation.

  • Pay scammer to unlock the pc
  • Reinstall window from scratch
  • Use third party tool to crack the password
  • There are few another methods (reset registry, restore system, use backup etc ) to deal this situation, but they depend upon the availability of backup. We will take them on other tutorials.

In this tutorial we will use a Linux script to crack the password. Before you start make sure

  • Microsoft does not recommend to use of any third party tools for cracking the password. At the same time they also do not provide any support to handle this situation. So it's your choice to use this script or not.
  • Use this script only if you are the owner of computer or have proper permission. Doing this with someone else's system without permission is illegal.
  • In some circumstances window may ask for reauthorization or reactivation.
  • This script is only for Window XP, do not use this on Vista, Win7, Win8 or any higher version than Window XP.

How to disable Syskey startup password.

Download this open source Linux script

Script to reset password

Extract the zip file

zip-extract-all

It contains an ISO file

iso-file

You need to burn this ISO image. You can use any standard ISO burner software for this purpose.

Or you can download from following URL

Portable disk burning software

Official URL http://infrarecorder.org/?page_id=5

Disk burning software

Official URL http://www.freeisoburner.com/

Burn image to CD, and boot system from this CD ( You need to set boot priority in bios, to boot system from CD/DVD).

Press Enter to boot system from CD

boot-press-enter

Script will make a quick scan of hard disk and return with all available window installation. Usually there will be only one, unless you have dual operating system installed. Type the disk number (Most probably one, or see the returned result for appropriate number) and press Enter

select-disk

We need to provide registry files path. Usually script will automatically find the path, all you need to do is just press Enter and go with default selected path

registery-location

Our primary goal is to reset the password, Type 1 and press Enter

select-sam-option-one

We will first disable the Syskey, Type 2 and press Enter

syskey-option-two

Type y and press Enter to confirm the Syskey disable.

confirm-syskey-disable

When you disable Syskey, this script will also invalidate (set to blank) all users passwords from system. You need to reset them as well. From this point you can save change to disk and return to window. Type q and press Enter to return previous menu

type-q-to-quite-admin-pass

Type y and press Enter so script can write the change to disk

wirte-to-disk

If you want, you can run the script again. Type n and press enter.

ask-for-new-run

Remove the disk and reboot the system.

We have successfully disabled the syskey and set administrator password to blank. Now you can login to system with administrator account using blank password. From administrator account you can set password to all other user accounts.

How to reset administrator password in Window XP

If you have disabled the syskey following the above method then no need to run this script again, all users password including administrator will automatically set to blank while you disable the syskey. If you have disabled the syskey protection and only need to reset the administrator password follow these steps.

Boot system from our script disk

boot-press-enter

Select disk and Press Enter

select-disk

Press Enter

registery-location

Type 1 and press Enter

select-sam-option-one

Type 1 to select Edit user data and passwords on chntpw main interactive Menu

type-one-edit-user-data

Script will list all available user accounts, type the username of account which password you want to change. Administrator account is by default selected, press Enter

administrator-selected

Script will fetch the details associated with user account, make sure you have selected right user account. You can set new password directly from the script, but I will not recommend this. Instead of setting new password, we will use option 1 to clear (Set to blank) the password. Type 1 and press Enter

type-one-clear-admin-pass

Type ! and press Enter to return to menu

quit-after-clear

Type q and press Enter

type-q-to-quite

Type q and press Enter

type-q-to-quite-admin-pass

Type y and press Enter to save the change

wirte-to-disk

Type n to exit from script

admimistrator-pass-close-script

We have successfully cleared the administrator password. Remove disk and reboot the system and login from administrator account. Once logged in, you can set up the password by following the steps given above.

More Articles For You