Tutorial Thursday

Post-it Note on Monitor with PasswordHow many times have you seen someone take a post-it note, write their password on it, and slap it to their monitor? Unfortunately this type of thing is more of a common occurrence than it should be, but the problem is that people can never remember their darn passwords!

Windows has a built-in feature that is made for situations just like this. It lets a user create a password reset "disk" that can be used to change the password in the event that they forget it. The "disk" can be a floppy, USB drive, iPod, or any external drive. It takes less than a minute to create, and believe me…this can save you a ton of time!

Of course by the time you come across this article it will probably be too late, and you’ll want to reset the Windows password without a disk. If that’s the case then I’ve put together a small section at the end of this article dedicated to "cracking" the Windows password.

–Creating a Password Reset Disk–

Instructions on creating a password reset disk in Windows XP can be found here. Here’s what you have to do if you’re running Vista:

  1. Open the start menu and start to type "User Accounts" in the search box.
    Reset a Windows Password
  2. In the window that pops up choose the "Create a password reset disk" under the Tasks heading in the left pane.
    Reset a Windows Password - User Accounts
  3. A wizard will now walk you through creating a password reset disk. After you get by the first screen you’ll be presented with a drop-down menu that lists the available devices that can successfully be used. It has to be some sort of removable media, such as a floppy disk, USB drive, or even your iPod.
    Reset a Windows Password Wizard Reset a Windows Password Device
  4. Next just enter in your current Windows password, and then you’ll be done. If you check the device that you used for the reset disk there should be a hidden file called userkey.psw.
    Reset a Windows Password File

–Using a Password Reset Disk–

Like most things in life, the advanced preparations you made by creating a password reset disk can really pay off. To use the disk just insert it into your computer, and then try to login as if you knew the password. Windows will tell you that the password is incorrect, and when you return to the login screen there will be a "Reset password" option located under the password field. That will initiate a wizard that will guide you through the steps needed to create a new password.

Note: Your current password reset disk is still valid even after changing your password.

Reset a Windows Password
Click to Enlarge

–Don’t Have a Password Reset Disk?–

Unfortunately by the time you realize that you can create a password reset disk it’s normally too late. There are some solutions, which I’ll outline here, but for obvious reasons none of them are going to be very easy.

  • Using a Windows XP loophole – You can launch the user account management while performing a repair on the operating system since you can access the command prompt. This is definitely the route I would go if I was running XP, but make sure you follow the instructions closely.
  • Cracking a Vista or XP password using Ophcrack – This is an application that you burn to CD, and it will boot up with your computer. You’ll need to give your computer some "alone time" depending on the strength of your password.
  • Login Recovery for NT, 2000, XP, 2003, and Vista – This is actually a service, and it requires that you download an application to put on a floppy that will retrieve your password file. You then send your password file to them, and they will decode it. There’s a 98.5% chance that it can be done in less than 10-minutes, but you’ll have to pay some money if you want it that soon. Otherwise they have a free service available, and with that you’ll get the password within 48-hours.


I highly recommend that you create a password reset disk if you haven’t done so already. I did it for all of my computers since I can just use a USB drive as the storage medium. You’re probably pretty confident that you won’t forget your password, but who knows, it could happen.

This might also be useful to backup passwords for friends and family who may often forget these types of things. I might start doing that because then they don’t have to worry about putting a darn post-it note on the desk with their password! Maybe they would also create a password that is more secure, too.