If you have a Windows Install or Recovery DVD, you can create a new Windows user account using a Windows security loophole (see end of this article), but if you don't want to do this because it alters the system, you can log-in to most Windows PCs without changing the system at all using Kon-Boot.
See also the Easy2Boot project and the PassPass download (PassPass patches a Windows dll to allow any password to work on XP-Win8)
If you have forgotten your user password to your Windows system, you can bypass the password entry using Kon-Boot (provided you have not encrypted your drive using a free utility like TrueCrypt).
Kon-Boot does not make any changes to your system and does not alter the hard disk in any way, it just patches in memory the Windows code that requires you to enter a password.
Here are the 5 steps you need to take:
1. Make a bootable USB drive (or burn an ISO to a CD) - the instructions to make a USB Flash drive are detailed below.
2. Boot the target system from the USB drive (or CD).
3. Allow Kon-Boot to run (you will need to press Enter) and then allow it to reboot your system - if it boots from the USB drive again use the menu item to reboot to the hard disk.
4. Now allow the system to boot to Windows and log-in as usual (choose an account that has Administrator rights) - no password will be required
5. Now you can use Control Panel to change the user account password(s) as you require and then reboot Windows as normal.
Warning: If you use KonBoot, it may cause some applications to loose Windows account auto-authentication. This means that when you reboot normally, you may have to re-enter some application or website usernames and passwords again that normally used to log in automatically. In some cases, you may have to re-install the applications again (e.g. DropBox) in order to re-enable it.
The steps below assume you want to create a bootable USB Flash drive from which you can run Kon-Boot.
Please note: It is illegal to use this on someone's system without their permission!
Your anti-virus software may warn you or even delete the Kon-Boot downloaded file. As far as I know, Kon-Boot is virus-free and safe to use.
1. Download the latest version of Kon-Boot from www.kryptoslogic.com which costs $16. There is an older free version at http://www.piotrbania.com/all/kon-boot/ (download the floppy image for Windows&linux - the password needed to unzip it is kon-boot). You need to extract the file FD0-konboot-v1.1-2in1.img . A version that works with XP/Vista/Windows 8 (v1.1 2010-2013) should be used for Vista/7/8 32 or 64-bit.
2. Use RMPrepUSB to format and prepare your USB Flash drive. You can choose any bootloader option or filesystem but remember to tick the Boot as HDD option. If you are unsure what options to use, just copy the settings from the picture below:
3. Now install grub4dos by clicking on the Install grub4dos button and follow the instructions - press Enter when prompted to copy over the grldr file
4. Now press F4 and Notepad will create a new file called menu.lst. Copy and paste the following text into menu.lst and save the contents.
5. Copy over the FD0-konboot-v1.1-2in1.img file to the USB drive. You should now have 3 files on the USB drive:
6. The USB Flash drive is now ready to test. If you wish you can test it harmlessly within Windows by clicking on the Test using QEMU Emulator (F11) button in RMPrepUSB (type 0 for the Virtual hard disk size and use the default memory size offered) - you should see the first two screens at the top of this page (press a key to get to the second screen).
7. Now you can use the USB Flash drive on the target system. Insert the USB FLash key and switch on the system. Set the BIOS options on the target system so that it boots to a USB drive or use the Bios Boot Selection menu (often invoked by pressing the ESC, F11 or F10 key during BIOS start-up) and choose to boot from the Flash key. You should see the grub4dos menu below:
grub4dos Kon-Boot menuPress Enter to run Kon-Boot - once it is running, remove the USB Flash drive. Now press a key to allow Kon-Boot to start and then reboot from the target system's hard disk drive automatically. You should now be able to log in to any Windows user account without needing a password.
Note: If you reboot the system or switch it off before making any account changes, the patch will be lost and the target Windows system will boot normally and Windows will require the normal passwords. In this case just reboot using Kon-Boot again.
If you have a Windows Vista or Windows 7 Recovery or Install DVD, or have a bootable WinPE drive, it is possible to create a new account with Administrator rights on any Vista/Windows7 computer as follows: