The most common ways of breaking into a Windows PC is to recover or reset the password. Here is another method which I recently discovered that allows you to bypass Windows 7 password without resetting / changing it.
PassPass is one of the best freewares around which can log you into Windows 7 with arbitrary password. It works by modifying the Windows kernel to bypass the authentication process of Windows. This is great for those times when you are working on a client's PC but forgot to ask for the password.
- PassPass v1.2
- A USB thumb drive
Part 1: Install PassPass to USB Drive
Here's the process of installing PassPass onto your USB drive:
- First of all, download all required packages (PassPass, grubinst, Grub4DOS and grubutils) and save them to a folder on your local hard drive.
- Extract grubinst locally. Run grubinst_gui.exe as administrator from the folder you extracted the files to.
Click on Disk, and select your USB drive from the drop down list. Click on Refresh at Part List and then select Whole disk (MBR). Leave the rest settings as it is, then click on Install.
- Extract Grub4DOS and copy the grldr file to the root folder of your USB drive.
- Extract grubutils and copy the wenv file to the root folder of your USB drive.
Extract PassPass v1.2 and copy both menu.lst and PassPass files to the root folder of your USB drive.
Part 2: Bypass Windows 7 Password with PassPass
- Insert the USB drive into your Windows 7 computer and boot from it. To do this, make sure your USB drive is set as first boot device on your computer's BIOS.
The initial screen you see after restarting should be the Grub Menu, Highlight the first entry and press Enter.
PassPass will display a list of Windows installations detected on your hard drive. To bypass Windows 7 password, choose the Windows 7 installation and press Enter.
The next screen you'll see a list of boot options which allow you to patch or unpatch Windows. Choose "Patch Windows" and press Enter.
- After a while, you'll see the message that says "DLL at /Windows/system32/msv1_0.dll patched", where msv1_0.dll is Windows authentication package.
- Disconnect the USB drive and restart your computer. You can then log into any local account with any password, as you've already bypass the local password authentication system.
Part 3: Unpatch Windows 7
To bring the Windows password authentication system back to work, you need to boot to the PassPass Live USB drive again and select "Unpatch Windows". After unpatching, the system will behave as if nothing has happened. The whole process never overwrites your old Windows password.
So this is how you can bypass Windows 7 password without changing or deleting the old password. But PassPass seems to be version dependent and it doesn't work in all situations. If you have no luck with it, you can try the WindowsUnlocker Live CD which can reset lost Windows password with 100% success rate.