using old images and Log-on Passwords

Discussion in 'backup, imaging & disk mgmt' started by beethoven, Oct 3, 2014.

  1. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,044
    Just wondering what to do if you experience a critical drive failure but are lucky enough to have an older image. Let's assume that this would be better than not having any image, maybe there is some data on this drive that is not otherwise available. Now if you also change your windows log-on password from time to time and don't remember what you used 6 months earlier, where do you stand?

    I suppose you could still reinstall windows, install your imaging software and then mount the image and get to the data. Of course there goes the advantage of getting back to work quickly. How about using the image to boot - are there ways around it apart from either never changing your log-on password, not using one or be sure to write down these with relevant dates?
     
  2. TheRollbackFrog

    TheRollbackFrog Registered Member

    Joined:
    Mar 1, 2011
    Posts:
    3,056
    Location:
    The Pond - USA
    Beethoven, I think the easiest way around this is to use a Windows NT4 free Password Changer like NTPWedit. You use a BOOTable UFD and put the NTPWedit executable on it and BOOT from it. It allows you to CLEAR the current password of any account located on the loaded Windows system. This way you can reload your old system, use NTPWedit to clear the password, then reBOOT into the reloaded system without a password.

    Here's a LINK on how to build the UFD. The only issue is that many website blockers (i.e., MalwareBytes) will block access to the NTPWedit home page saying it's risky. I have not found it so and have used the PW changer many times very successfully... the application is very safe.

    ,,,OR, you can build the recently introduced AOMEI PE Builder (no XP or W8.1 support) which contains the above Password Changer as well as other very useful utilities.
     
    Last edited: Oct 3, 2014
  3. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,057
    Hi Beethoven

    This is one of the reasons I use the Raxco Instant Recovery archives. I can restore an old image, and if doesn't have IR, then I can install it, restore the archives, and my system is back like it currently is. Can actually re install windows and do the same thing. I've tested this concept and it works well.

    Pete
     
  4. MrBrian

    MrBrian Registered Member

    Joined:
    Feb 24, 2008
    Posts:
    6,032
    Location:
    USA
    Another alternative: Offline NT Password & Registry Editor. It's also found on Ultimate Boot CD.

    Then there's Kon-Boot.
     
  5. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,044
    RollbackFrog - interesting, will probably take my old brain some time to get this done but something new to learn. Just to clarify, would I need to create this UFD prior to the problem or could I still do this if and when necessary. Mind you, at this point it's just a mental exercise for me, everything is working well for me.

    Peter - you may know that I have ISR, so I am very interested in your suggestion. I did not really consider that the ISR recovery screen comes up prior to the normal windows boot screen. So yes, I could boot via my basic snapshot and then revert to my last archive.

    Being a member of this board means you realise there are many ways to Rome and if something bad were to happen, there are experienced people around to guide you onto to the best way for your particular situation.
     
  6. TheRollbackFrog

    TheRollbackFrog Registered Member

    Joined:
    Mar 1, 2011
    Posts:
    3,056
    Location:
    The Pond - USA
    Well, you'll need a working Windows system to make the BOOTable UFD and add the Password Changer to the stick. At that point you have an externally BOOTable UFD that you can use anytime to get you out of such a jam like a system with a password you don't know.

    I've used a similar mechanism many times to break through passworded systems when necessary (hand me downs, discards, forgotten passwords, etc.)... it works very well from XP to current configurations.
     
  7. beethoven

    beethoven Registered Member

    Joined:
    Dec 27, 2004
    Posts:
    1,044
    I understand that part but I assume you could create this on a different machine?
     
  8. TheRollbackFrog

    TheRollbackFrog Registered Member

    Joined:
    Mar 1, 2011
    Posts:
    3,056
    Location:
    The Pond - USA
    You can create it on any machine and use it on any machine from XP on.
     
  9. markymoo

    markymoo Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    1,212
    Location:
    England
    I have a simpler solution to get past the User Login once the image is restored. No need to make a third party Password CD reset/recovery tool, as your existing Recovery Windows 7 CD will suffice.

    1. Boot the Windows recovery CD.
    2. Select Repair your computer and select the Command prompt option.
    3. Backup the file sethc.exe
    copy c:\windows\system32\sethc.exe c:\
    4. Type into the command prompt.
    copy c:\windows\system32\cmd.exe c:\windows\system32\sethc.exe
    5. Now Reboot the PC
    6. At the login screen press the shift key 5 times. A admin CMD prompt will appear

    7. Type net user "your username" "your new password"

    You can now logon with the new password.

    Boot off the Recovery CD to restore the original sethc.exe back
     
    Last edited: Oct 28, 2014
  10. markymoo

    markymoo Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    1,212
    Location:
    England
    If c:\windows\system32 exists but reports 'no file found' then it's not your installed Windows but the temporary system recovery Windows location. It likely to be at E:\windows\system32\sethc.exe

    sethc.exe is program that controls Accessibility options which is activated by pressing Shift 5 times. Replacing sethc.exe with cmd.exe gives access to a Administrator CMD shell. For logon security it is best to disable Sticky Keys or delete sethc.exe altogether as it can still be accessed from a startup repair without no Windows Repair CD needed.
     
    Last edited: Nov 17, 2014
Loading...