locked
forget my admin password

    Question

  • im  forgot  my  admin  password
    Wednesday, December 28, 2005 7:57 AM

Answers

  • VSSAdmin allows the Admin user to reset the passwords for other VSS users (with no loss).

    Of course, in Windows, for an Administrator to change passwords, the Administrator must remember his password, right? (You can't change the Administrator password this way). And for Passport there are other ways to verify your identity before reseting the password...

    Microsoft Customer Support will not help you recover any password for Microsoft products, as far as I know. It is illegal.

    Alin

    Wednesday, December 28, 2005 7:55 PM

All replies

  • There's a couple of options available to you. 

    Create a Windows user called 'Admin' and log on to that user (or run the VSS administrator program under that user using RunAs).  VSS will use the Windows user and you won't need the password.  At least that's the case if you have 'Use network name for automatic logon' set.  http://support.microsoft.com/kb/283618/en-us

    The other option is to force the password back to blank. by hacking um.dat with a hex editing tool.  Search the web and you'll find various step by step guides.  This isn't officially sanctioned by Microsoft and is definitely 'use at your own risk'.  http://blog.ali213.net/nightcat/archive/2005/01/10/1055.aspx

    Wednesday, December 28, 2005 9:40 AM
  • A few observations:

    The "Admin" user hack will not allow you to change the VSS Admin user password (you'll still need the old password if you try to set a new one)

    If I remember correctly, hacking um.dat as described causes "um.dat is corrupt" messages on VSS startup.

    Other solutions on the net suggest replacing um.dat with one from a different database. I wouldn't go that way - it causes even more database corruption.

    Hack at your own risk!

    Alin

    Wednesday, December 28, 2005 9:57 AM
  •  Alin Constantin - MSFT wrote:
    If I remember correctly, hacking um.dat as described causes "um.dat is corrupt" messages on VSS startup.
    That didn't happen the one time I used this approach, but I was working on a test copy of a VSS database that I could recreate if I had to so I wouldn't have been too worried if something terrible had happened.

    Hack at your own risk!
    Any chance Microsoft will provide a supported remedy for the problem of forgotten passwords?

    Wednesday, December 28, 2005 6:23 PM
  • > Any chance Microsoft will provide a supported remedy for the problem of forgotten passwords?

    No, Microsoft cannot help customers recover lost passwords for legal reasons.

    Alin

    Wednesday, December 28, 2005 7:15 PM
  •  Alin Constantin - MSFT wrote:
    No, Microsoft cannot help customers recover lost passwords for legal reasons.
    But surely Microsoft can provide some mechanism within Visual SourceSafe to allow customers to reset their password?  With suitable levels of protection and audit of course.

    The Windows User account mechanism allows an administrator to reset a password (albeit with the loss of encrypted data).  Microsoft Passport provides a mechanism for resetting my password if I forget it.   Why not VSS?

    Wednesday, December 28, 2005 7:36 PM
  • VSSAdmin allows the Admin user to reset the passwords for other VSS users (with no loss).

    Of course, in Windows, for an Administrator to change passwords, the Administrator must remember his password, right? (You can't change the Administrator password this way). And for Passport there are other ways to verify your identity before reseting the password...

    Microsoft Customer Support will not help you recover any password for Microsoft products, as far as I know. It is illegal.

    Alin

    Wednesday, December 28, 2005 7:55 PM
  •  Alin Constantin - MSFT wrote:
    Of course, in Windows, for an Administrator to change passwords, the Administrator must remember his password, right?
    Not really.  If there is more than one administrator defined, then one administrator can reset another administrator's account.  Of course that solution isn't perfect, resetting a password like that makes encrypted data inaccessible.

    A better solution is for an administrator to create a Password Reset Disk which they can use to reset their password if they forget it.  That approach works even if there is only one administrator.  http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/ServerHelp/4a9a74b7-eb52-4920-b251-02c7e851d837.mspx

     (You can't change the Administrator password this way).
    Yes you can reset the builtin Administrator's password from another account with administrative privileges.  I just tried it on a Virtual PC I have. 

    Microsoft Customer Support will not help you recover any password for Microsoft products, as far as I know. It is illegal.
    I think we are talking at cross purposes here.  I accept that (for whatever reason) Microsoft will not help a customer recover a password they have lost.  That's water under the bridge.

    What I'm suggesting is that, for the benefit of future victims of this not uncommon problem,  Microsoft change Visual SourceSafe to add some suitable mechanism to allow customers to fix the problem themselves.

    This isn't the place to design such a mechanism but just to be clear...

    One example of such a mechanism would be a VSS Password Reset Disk.  I don't much care for that as a solution - it still leaves you in the position that if the disk is lost or damaged you lose the ability to reset your password.  Still, it would be better than what we have today (nothing that's supported).

    Another example of a suitable mechanism would be to allow a Windows user called Admin to reset the Admin password without first supplying the old password so long as certain criteria were met, for example

    1. 'Use network name for automatic logon' is set
    2. Admin was logged on at the server console
    3. Admin was a member of the local administrator's group
    4. Admin was the owner of the um.dat file

    The second criterion ensures some level of physical security (assuming the site keeps their SourceSafe server in an area with access controls).  The third criterion ensures that not just any user called 'Admin' can be used and increases the liklihood that more attention than usual is payed to who has access to the account.  The fourth criterion ensures that a Security event log entry is written (when Admin takes ownership) providing some level of auditability.  VSS could also write a suitable Security Event Log Entry

    The third and fourth criteria also mean that the Admin user had enough privilege and access to be able to perform the um.dat hex edit hack anyway.

    Wednesday, December 28, 2005 9:46 PM
  • there is an other option. 
    if you changed the password and made a mistake doing it you can get your old password back in the following way: 

    shutdown your windows xp, vista or w7 computer and restart it. after the biosbootscreen (just wait like you always do) push F8 until a window shows up telling how save you would like to startup your pc. in this list select "use latest good configuration"or something (in dutch "laatste werkende configuratie"). 
    your computer will scratch back all changes made in the past few days. 

    if this isn't an option try http://www.geeksaresexy.net/2009/03/04/how-to-recovering-your-windows-password/ i am currently trying this on a virtual machine and will post back if it works.

    amonfog
    • Edited by amonfog Thursday, November 05, 2009 8:59 PM
    Thursday, November 05, 2009 8:17 PM
  • there is an other option. if you changed the password and made a mistake doing it you can get your old password back in the following way: shutdown your windows xp, vista or w7 computer and restart it. after the biosbootscreen (just wait like you always do) push F8 until a window shows up telling how save you would like to startup your pc. in this list select "use latest good configuration"or something (in dutch "laatste werkende configuratie"). your computer will scratch back all changes made in the past few days. if this isn't an option try http://www.geeksaresexy.net/2009/03/04/how-to-recovering-your-windows-password/ i am currently trying this on a virtual machine and will post back if it works.
    it works!! i tried it on an sd card and admin userpassword is nuked. i can just login.
    but watch out if you use acer filedecryption or windows filedecription the files will become unaccecable (since the encryption is made by calculating the binary's with a cyphers generated from the password) but if you don't know this function excists or never tried it, it's allrigt.
    remember not to change the administrator settings but the user with adminrights!! so type your'e username if the screen asks for a username

    good luck installing it folks

    amonfog

    ps: smartest way is to erase the password and make a new one when your'e logged in again going to accountsettings in xp or ctrl-alt-del -->change password in vista and seven
    Thursday, November 05, 2009 8:55 PM
  • I had fund A windows password tool to reset any windows pasword.-called "windows password key 8.0" for free download.
    and the serial is: 1045-1268-8776-9082-1752-3896
    you can go this website:
    http://download.cnet.com/Windows-Password-Key/3000-2092_4-75031111.html?tag=mncol;lst
    I also had found some useful websites for you:
    1)reset any windows password ( http://sn.im/vaptp )
    2)Reset windows 7 password ( http://windows7password-lndsmth04.blogspot.com/ )
    3)recovery windows XP password ( http://windowsxppassword-barika.blogspot.com/ )
    4)create windows vista password ( http://windowspasswordkey.blogspot.com/ )
    Friday, June 04, 2010 7:14 AM
  • This is very boring, but don't think it trouble.
    Once I met the same problem.
    And my friend recommand me to free download a software to recovery password.
    Called Password Recovery Bundle
     Password Recovery Bundle is a multifunctional tool to recovery many kinds of password.
    Thursday, July 01, 2010 2:37 AM
  • If you have forgotten your admin password then you should...

    Use the info in the posts above regarding the um.dat file.  VSS is a different animal, and the methods for recovering the pwd above work just fine.  There are blog posts regarding this method as well.  Search for "Reset VSS password" to find them.

    Jeff Clausius - SourceGear

    Stretching VSS to its limits? Have you looked at SourceGear Vault?



    Saturday, August 11, 2012 3:17 PM
  • In Windows 7 / Windows Server 2008 R2 you no longer have the Run As option with the UI to pick a particular account under which to run a program -- but you still have the RunAs Command Line option which was introduced with Windows Visa!

    http://technet.microsoft.com/en-us/library/cc771525(v=ws.10).aspx

    Find out the name of one of the admin users by peaking in the /Users folder where the Source Safe data files live -- there's usually a list -- one of them should strike you as an administrator -- let's say it's: Admin.

    Using the RunAs command to Run VSS Admin under an account in the VSS DB:
    Create an "Admin" account with a password on your local machine.
    use the Start/Run feature with the following command line:

    runas /user:Admin "C:\Program Files (x86)\Microsoft Visual SourceSafe\ssadmin.exe"

    You're prompted for the Windows User password for the Admin account
    The VSS Admin client starts up and you're into the VSS database
    Add a user with the same username as your normal Windows account name
    And ythen you can easily use the VSS client to access the sourcesafe database


    Daniel Hester

    Saturday, September 29, 2012 5:43 AM