How to Remove Windows Password with Linux

If you ever forget your Microsoft Windows, no worries because when Windows saves your user passwords, it stores them in a SAM file. It stores users’ passwords in a hashed format (in LM hash and NTLM hash). Since a hash function is one-way, this provides some measure of security for the storage of the passwords.


A USB Flash drive with Linux installed (i use kali linux)

A Windows with password installed on it.

If you don’t know how to install windows on USB drive follow this tutorial HERE:

1- Insert the USB drive in your machine.

2- From the boot menu select Live (first option)

The username and password is root:toor

Now login to your kali linux desktop and open the terminal and write “sfdisk –l” to list drives:

Now follow these steps to mount the Windows partition which in this case is /dev/sad2

1- Mount the hard drive partition that the Windows installation:

sudo mount /dev/sda2 /mnt/Microsoft/

2- Navigate to the directory where the SAM file is in:

cd /mnt/Microsoft/Windows/System32/config/

3- List the users on the computer contained in the SAM file.

sudo chntpw -l SAM

Type 1 (Edit user data and passwords):

Type your user account name:

Type 1 to clear the user password or 2 to set a new password for the Hacker-PC user, then quit and save the changes:

Reboot into Windows and remove the USB, then select Sign in and you will be logged in without the need for password!!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s