Hi there. I have a friend who was away for several months and he forgot his password. Running XP Pro.

Im not sure if Im in the right place or the right product, but I could use some help/advise

Ive been told there are programs that will give us the password, but I dont know what they are. Knoppix is one Ive been told about so Im just checking

btw, I just downloaded knoppix to an iso file and it is 496MB. Does this sound right size?

You don't need Knoppix for this task (although it's very useful -- check it out); all you need is the Offline NT Password & Registry Editor (http://home.eunet.no/~pnordahl/ntpasswd/), which is a boot-floppy- or boot-CD-based (your choice) utility based on Linux. Although, if your friend's got encrypted files (using EFS), those will not be accessible once the password's been reset.

"Away for several months," huh.

Actually we have access to a program that will reset the password. But we are trying to find something that will simply display the password so he can get back in as he does have encrypted files.

I have heard that there are programs that will do this, but I don't know which ones.

Actually we have access to a program ..... But we are trying to find something that will simply display the password....
The general rule of thumb is that legitimate users will change the forgotten password to another one. It's only someone trying to break into someone else's system and wishing to conceal that they did so who needs to see the original "forgoten" password. You're not likely to get help from the users here on cracking a password.

I see that you are a moderater, however, you have not read my last post or I don't understand.

My friend has encrypted files meaning that if we change/reset his password, he will lose access to all those files.

I could have reset his password in 30 seconds if that was all that was needed.

I thought someone might provide a program as I'm sure an hour or so of googling will uncover something. I was just trying to save myself the time of having to do this.

however, you have not read my last post or I don't understand.

My friend has encrypted files meaning that if we change/reset his password, he will lose access...
I did read the post, but I'm surprised to find that a Microsoft system would function that way. But isn't that exactly the way that you would want a decent system to secure data? After all, imagine that you go to the extra trouble to secure files and then a laptop (or even a desktop) is stolen. You wouldn't want the people now in posession of the hardware to gain access to the data that you told the OS to secure by something as simple as resetting the password.

Forgetting a password to one's own computer is hard for me to understand though. And even if it did happen, having it be something that the owner couldn't figure out by trying things he normally uses for passwords, when the disk contains important encrypted data, seems very strange to me.

Given that you don't know me and I don't know you, if you did encrypt data on your laptop in order to protect critical information, and someone who obtained the computer came here asking for help in cracking the password so they could get that data that you had wanted encrtypted, would you be happy to find that someone had guided the people claiming to have lost the password through recovering it, or would you be more greatful that people were hesatant to accept this story on face value and declined to offer such information? If you or your friend really think that such information should be provided to on-line strangers, then I don't see why either of you would bother to encrypt the files in the first place. I'm not saying that we think that you have stolen the computer and are now trying to break into it. But I am saying that we can never know that for certain and too many posts find their way to these forums asking questions of this nature. When the poster makes it clear that his intent is illegal or imoral the normal users here advise him that we don't welcome questions like that and we will not supply that kind of information. Of course, that means that when someone who may have a legitimate issue asks that same question, the answer still needs to be that we don't traffic in that type of information on this site.

Fair enough. Sorry for the trouble.