Home > Products > Windows Passwords > Reset Windows Password > Screenshots > Search and recover Windows passwords
Searching and recovering Windows account passwords
09.12.2019
Reset Windows Password v9.5
Support for Windows 10 1909, virtual OSes
06.12.2019
Wireless Password Recovery v6.1
This version brought some major improvements for high-performance hardware
02.12.2019
Windows Password Recovery 12.1
Support for Windows 10 1909
28.11.2019
Black Friday
It's time for a purchase:
20% discount for everything: BLACK2019

Articles and video

You may find it helpful to read our articles on Windows security and password recovery examples. Video section contains a number of movies about our programs in action

Reset Windows Password:
searching and recovering user passwords

 

Setting search and recovery methods

Searching and recovering lost Windows passwords

Finding users' passwords takes 11 major steps:

  1. Finding information in the Windows system cache. This method, in its turn, consists of over a dozen mini-attacks, during which the program analyzes all kinds of system passwords, from LSA secrets through DSL, FTP, WiFi, internet, mail, network, etc. passwords.
  2. Analyzing simple, short passwords, keyboard shortcuts, etc.
  3. Password search using deep learning algorithms. Even though these algorithms are cut significantly to meet CPU requirements, they work much better compared to previous ones.
  4. Scan, parse and analyze most recently used files of the target system.
  5. Primitive dictionary attack. The application checks all passwords from the built-in dictionary for the Light and Standard editions or from several dictionaries (Arabic, Chinese, English, French, German, Portuguese, Russian, Spanish) for the Advanced Edition. If the deep search option is on, simple word mutations will also be taken into account during the search.
  6. Primitive brute-force attack.
  7. Artificial Intelligence attack. The attack analyzes the network activity of a user on the computer. Over thirty mini-modules take care of that. Upon the results of the analysis, the application generates user preferences and generates a semantic dictionary for the attack, which it later uses it for finding the password.
  8. Search for passwords in deleted files.
  9. Primitive Fingerprint attack on some complicated English passwords.
  10. Extract strings from huge files: RAM images, hiberfil.sys, pagefile.sys and so on. When this option is set, the program tries to skip files useless in password analysis like video, huge archives, audio files, etc.
  11. Search passwords by reading and analyzing raw sectors of the selected drive. This feature works for both LM and NTLM hashes, looking for both ASCII and UNICODE passwords. If the 'Password mutation level' is set to 'Deep search', the program additionally tries to mutate all found passwords, thus walking through all sectors of the drive may take quite a time. The sector-based scanning algorithm can be extremely helpful because it allows extracting passwords even if the target file was deleted from disk a long time ago. On the other hand, it is inefficient against compound files (for example, Microsoft Office) and is absolutely useless against drives that have full-disk encryption set on. Like BitLocker or TrueCrypt.


 

Selecting data source

Selecting data source to search in

When searching for passwords, special attention is to be paid to entering files and folders required for the analysis process. Without those, the password search will be inefficient. The application finds the files automatically, but sometimes, e.g., when the computer has several operating systems installed, you may need to use the 'manual control'. Please also keep in mind that if the computer has 2 or more hard disk drives, the sequence of the letters for these disks can be set totally different than in the original system.


 

Searching and decrypting passwords

Searching and decrypting Windows passwords

Finding/decrypting passwords can take some time, which depends on attack settings and peculiarities of your system. Completing the search normally takes not more than half an hour (without a deep learning attack). The deep learning attack, however, takes much longer and depends on your CPU and the number of hashes to recover.

Note that not all passwords can be decrypted but only simple and vulnerable ones!