Analysis of classic misunderstandings after forgetting the password

After forgetting the password, "high tricks" classic misunderstanding

1. Description of the wrong solution

When you are using Windows XP, you accidentally forget the administrator password. What should I do? There is a popular method on the Internet: use the DOS boot disk (if the Windows XP partition is an NTFS partition, you need to support the NTFS DOS boot disk) to enter the DOS real mode, the %SystemRoot%\\system32\\config directory is named sam. The file is deleted. Restart the system, the administrator login password is empty, we can easily log in to the system.

Small knowledge: Windows NT/2000/XP manages user accounts by using the Security Account Manager (SAM) mechanism, which manages accounts not by directly confirming usernames and passwords. Form, but by security identification (SID). The SID number is created at the same time as the account is created. Once the account is deleted, the SID is also deleted. The system's SID information is stored in the %SystemRoot%\\system32\\config\\sam file in the form of "SID s-1-5-21-xxxxxxxxxxxxxx-xxxxxxxxxxxxxx-005".

2. The origin and consequences of the program

This error method comes from the previous treatment of Windows 2000 forgotten passwords. Windows 2000 (without service pack) users forget the administrator password. This method can be used to successfully crack the login password. The theoretical support of the program is: Windows XP password is stored in the sam file. When we log in to the system, the system will automatically verify the sam database information. If the password and user name are found to match the encrypted data in the sam file, The system will log in successfully. Otherwise, you cannot log in. If the file is deleted, the sam database will be emptied, and the administrator's login password will be emptied, which naturally escapes the Windows XP login password verification mechanism.

In fact, this method is ineffective for Windows 2000 SP1-SP4, and it is useless for Windows XP. If you follow Windows XP operation according to this scheme, it will not be able to start, give us The operation brings more trouble.

3. The correct solution:

When the Windows XP login password is lost, we can solve different situations for different situations:

(1)if When installing Windows XP, the Administrator password is set to null. You can press F8 to enter the security mode when the system boots. The Administrator password is empty, you can enter it directly, and you can set the account and password after entering.

(2) If the Administrator password is set, the solution is not so simple. We can use the super Windows 2000/XP system maintenance CD & mdash; — ERD Commander 2003. After booting the system using the CD, run the "Start & Rarr; Manage & Rarr; Tools & Rarr; Password Change " command to open "ERD Commander 2003 LockSmith Wizard" window, enter the account name to be cracked in the "Account" box, Then enter the new password and it will be ok.