Recover a Built-in Administrator Password?

spokey

Member
Member
Messages
15
This is more for my information. I do not currently have a problem.

Running 8.1 but would also like to know about 7 & 10.

When i originally got my HP laptop, it blew its motherboard inside of 30 minutes. When I finally got it back a couple weeks later, they shipped it back with the wrong HD (I had bought it with a hybrid and a regular HD was sent back). So they shipped a new drive and sent a tech. He put the drive in but could not install win8.1. Can't remember the problem. Anyway, HP sent another USB and I installed the OS myself. I don't remember giving the built-in admin a password but did create my own user with admin privileges. So I don't have any problem. But I was futzing around and curious. Running net user Administrator states that the account is not active and the password was last changed Oct 2013. That was about six months before I bought the laptop.

As a test, I activated the account but when I run runas /user:Administrator cmd it prompts for a password. If I just press return (i.e. no password), it fails. I don't think I set a password during installation and the date would seem to agree. So while I could reset the password, it would be nice if as an administrator myself, I could recover the password for the built-in account.
 

My Computer

System One

  • OS
    win 8.1 Pro / 64
    Computer type
    Laptop
    System Manufacturer/Model
    HP Envy 15t-j100
    CPU
    Intel Core i7-4900MQ
    Motherboard
    HP
    Memory
    16G
    Graphics Card(s)
    Intel HD Graphics 4600
    Sound Card
    IDT High Definition
    Monitor(s) Displays
    Internal / Asus Proart PA248Q
    Screen Resolution
    1900x1080 / 1900x1200
    Hard Drives
    Seagate ST1000LM014
    External 2T in Vantec enclosure
    Cooling
    lately, very much so
    Keyboard
    Rosewill
    Mouse
    Wheelmouse Optical USB
    Internet Speed
    94/12 Mbps
    Browser
    Firefox
    Antivirus
    AVG
By design passwords cannot be recovered on the NT platform. That would be a security risk if possible. Even with an elevated admin account you cannot see any password, even your own. Passwords themselves are not stored anywhere in the computer. When a password is created a non reversible mathematical operation is done on it and the result is stored. When you log in the same operation is done on the entered password and the results compared. If they match you are logged in. The details of how this is done are of course undocumented. Password information (but not the passwords themselves) are stored in a registry location that is not normally accessible to even an elevated admin account.

All modern operating systems do something like this.
 

My Computer

System One

  • OS
    Windows 7
    Computer type
    PC/Desktop
yeah, I kind of knew / assumed that but thought I'd ask. I think you're talking about SIDs? I guess HP sets an initial password and doesn't bother telling the customer what it is.

I did go in and either removed or set a blank password. Not sure exactly which. Went through the password change and did not enter anything in any fields. Doing that I can run:
runas /user:administrator cmd​
and when prompted for a password can just press the return. That didn't work with the original / HP setting.

Actually a machine might have a visible password. Microsoft still supports the autoadminlogin, defaultuserid, defaultpassword registry keys for an automatic login.
 

My Computer

System One

  • OS
    win 8.1 Pro / 64
    Computer type
    Laptop
    System Manufacturer/Model
    HP Envy 15t-j100
    CPU
    Intel Core i7-4900MQ
    Motherboard
    HP
    Memory
    16G
    Graphics Card(s)
    Intel HD Graphics 4600
    Sound Card
    IDT High Definition
    Monitor(s) Displays
    Internal / Asus Proart PA248Q
    Screen Resolution
    1900x1080 / 1900x1200
    Hard Drives
    Seagate ST1000LM014
    External 2T in Vantec enclosure
    Cooling
    lately, very much so
    Keyboard
    Rosewill
    Mouse
    Wheelmouse Optical USB
    Internet Speed
    94/12 Mbps
    Browser
    Firefox
    Antivirus
    AVG
You said you activated the built-in administrator account, so you should also be able to reset the unknown administrator password. How did you activate the administrator account?
 

My Computer

System One

  • OS
    windows 8
Naturally you'll need to be logged on with admin privileges.
Bring up a command window with run as administrator. Check the state with:
Code:
[FONT=courier new]C:\Windows\system32>net user administrator
User name                    Administrator
Full Name
Comment                      Built-in account for administering the computer/domain
User's comment
Country/region code          000 (System Default)
[COLOR=#ff0000]Account active               No[/COLOR]
Account expires              Never

Password last set            12/13/2015 5:01:39 PM
Password expires             Never
Password changeable          12/13/2015 5:01:39 PM
Password required            No
User may change password     Yes

Workstations allowed         All
Logon script
User profile
Home directory
Last logon                   12/14/2015 10:10:46 AM

Logon hours allowed          All

Local Group Memberships      *Administrators
Global Group memberships     *None
The command completed successfully.[/FONT]

activate the administrator:

Code:
C:\Windows\system32>net user administrator /active:yes
The command completed successfully.

check the result:
Code:
C:\Windows\system32>net user administrator
User name                    Administrator
Full Name
Comment                      Built-in account for administering the computer/domain
User's comment
Country/region code          000 (System Default)
[COLOR=#ff0000]Account active               Yes[/COLOR]
Account expires              Never

Password last set            1/8/2016 11:08:43 AM
Password expires             Never
Password changeable          1/8/2016 11:08:43 AM
Password required            No
User may change password     Yes

Workstations allowed         All
Logon script
User profile
Home directory
Last logon                   12/14/2015 10:10:46 AM

Logon hours allowed          All

Local Group Memberships      *Administrators
Global Group memberships     *None
The command completed successfully.

- - - update 2016-01-08 1208 - - -

and verify everything with a
Code:
runas /user:administrator cmd.exe
 
Last edited by a moderator:

My Computer

System One

  • OS
    win 8.1 Pro / 64
    Computer type
    Laptop
    System Manufacturer/Model
    HP Envy 15t-j100
    CPU
    Intel Core i7-4900MQ
    Motherboard
    HP
    Memory
    16G
    Graphics Card(s)
    Intel HD Graphics 4600
    Sound Card
    IDT High Definition
    Monitor(s) Displays
    Internal / Asus Proart PA248Q
    Screen Resolution
    1900x1080 / 1900x1200
    Hard Drives
    Seagate ST1000LM014
    External 2T in Vantec enclosure
    Cooling
    lately, very much so
    Keyboard
    Rosewill
    Mouse
    Wheelmouse Optical USB
    Internet Speed
    94/12 Mbps
    Browser
    Firefox
    Antivirus
    AVG
Back
Top