Home > Products > Windows Passwords > Windows Password Recovery > Screenshots > Advanced utilities > Offline password remover
Offline password remover - reset SAM / NTDS.DIT passwords
30.07.2021
Reset Windows Password v10.4.1
Support for Windows 10 21H1 and some extra enhancements
06.07.2021
MS Office password recovery tools
Support for MS Office 97-2003 formats, a major update in the password analysis module and mask attack syntax, etc.
06.07.2021
Office recovery tools
Some major changes in the password extraction module, mask attack syntax, etc.
17.06.2021
Reset Windows Password v10.3
Disk image creation tool, Windows PIN history decryption, new HTML/email parsing engine

Articles and video

You may find it helpful to read our articles on Windows security and password recovery examples. Video section contains a number of movies about our programs in action

Windows Password Recovery - offline password remover


This is a helpful feature for removing and modifying passwords directly in the SAM/SECURITY registry files as well as in NTDS.DIT. For example, to regain access to a locked system, you do not necessarily have to recover the Windows logon password. Instead, you can just copy the SAM and SYSTEM registry files from the unbootable system, use this plug-in to remove the password for the account (or clear the lockup flag) and copy the files back. The password remover plug-in is made out as a wizard and consists of 4 steps:

Selecting password type
1. On the first step, select the password source. That could be either a SAM file - for the regular accounts,  DCC - for domain cached credentials, or NTDS.DIT — for removing passwords in a domain.


Removing passwods from SAM or NTDS.DIT file
2. On the second step of the wizard, specify the path to the SAM, SECURITY or NTDS.DIT file and to the SYSTEM registry file. By default, NTDS.DIT is located in c:\windows\ntds. Registry files reside in C:\windows\system32\config.


User account to reset the password for
3. On this step, we need to select the account we need to modify the password for. Select the username and move on to the final step.


Resetting SAM or NTDS.DIT password
4. The 'New password' field is made for the new password (leave it blank to just remove the password). If this field is disabled, it means that the password for that account is already empty.
 

Don't forget to save your SAM, SECURITY, or NTDS.DIT files before making the final changes to them!