No announcement yet.

A program to recover a password

  • Filter
  • Time
  • Show
Clear All
new posts

  • A program to recover a password

    Are their a program that will recover the password in windows XP not reset but recover ?

  • #2
    Re: A program to recover a password

    Did you think to read through some of the threads in this forum at all? Or maybe google for "Recover XP Password"?

    OOO!!! Look!! The TOP (unsponsored) LINK on Google!

    For my own and your protection, I do not provide support by private message under any circumstances. All such messages will be deleted and ignored.

    Anything you say will be misquoted and used against you


    • #3
      Re: A program to recover a password

      LOL! Very good Tom! That's exactly how I found the value of this site!

      I don't post a lot (yet), but boy has your FAQ been of great use to me. Well deserved top google ranking.


      • #4
        Re: A program to recover a password

        If I understand the question correctly, the answer is NO
        Passwords are normally stored using one-way encryption and checked by comparing the encrypted password with the encrypted value in the SAM or AD

        As a result you cannot recover a password, just reset it to some known value

        Why do you want to recover rather than replace the password? Is it something to do with encrypted files?

        Tom Jones
        MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
        PhD, MSc, FIAP, MIITT
        IT Trainer / Consultant
        Ossian Ltd

        ** Remember to give credit where credit is due and leave reputation points where appropriate **


        • #5
          Re: A program to recover a password

          If we're talking local password (not domain) and the password is <= 14 characters and non of them are too screwy (A-Z, 0-9, limited [email protected]#$%^&*() characters, sometimes a space) and the admin didn't disable the LM password hash then it is VERY doable.

          You can do domain ones too if the same applies but it is not as easy to get the hash.

          Once you have the hash, you need to find a service that has a full set of RainbowCrack tables (pre-built for all combos of the character set chosen) and it does a reverse lookup -- matching the hash and finding the characters.

          This is doable because the LM hash is not case sensitive and done in two 7 character chunks. Thus a full set of RainbowCrack tables takes about 64 - 100 GB depending on how it's done and could be built by one 3 GHz machine in about 3 to 4 years. Use 12 machines and it takes 3 to 4 months.

          Point being there are several out there that have done this.

          First thing for all you admins is to disable LM hashing:

          For you, mattison, I suggest you search this forum and you'll find ample info on tools to use to recover. One of the nicer tools to extract the hash (and tell if the LM hash exists) is SamInside. Search this forum and you find a bunch of threads that discuss this and what to do once you have the hash.

          Best of luck.

          BTW: Resetting the password is more straightforward.


          ** Remember to give credit where credit is due and leave reputation points sigpic where appropriate **

          2006-2099 R Valstar. This post is offered "as is" for discussion purposes only with no express or implied warranty of any kind including, but not limited to, correctness or fitness for use. Nothing herein shall be construed as advice. Attempting any activity based on information in this post is done at your own risk.