Chntpw Explained

chntpw
Language:English
Genre:Data recovery
Developer:Petter Nordahl-Hagen (Formerly Petter Nordahl)
Operating System:Linux
Latest Release Version:1.00
License:GPLv2
Programming Language:C

chntpw is a software utility for resetting or blanking local passwords used by Windows NT operating systems on Linux. It does this by editing the SAM database where Windows stores password hashes.

Features

There are two ways to use the program: via the standalone chntpw utility installed as a package available in most modern Linux distributions (e.g. Ubuntu[1]) or via a bootable CD/USB image. There also was a floppy release, but its support has been dropped.

Limitations

chntpw has no support for fully encrypted NTFS partitions (the only possible exceptions to this are encrypted partitions readable by Linux such as LUKS), usernames containing Unicode characters, or Active Directory passwords (with the exception of local users of systems that are members of an AD domain). The password changing feature is also prone to errors, so password blanking is highly recommended (in fact, for later versions of Windows it is the only possible option). Furthermore, the bootable image might have problems with controllers requiring 3rd party drivers. In such cases use of the stand-alone program in a full-featured Linux environment is recommended.[2]

Where it is used

The chntpw utility is included in many various Linux distributions, including ones focused on security:

License change

For the software's 10th anniversary, the author changed the license from a non-commercial one to the GNU General Public License (GPL) Version 2.[4]

References

  1. Web site: How to reset a Windows password with Ubuntu. 28 July 2010. ubuntucat.
  2. Web site: Offline Windows pw & reg-editor, FAQ. 5 September 2015.
  3. Web site: Resetting Passwords with SystemRescueCd. James Stanger. 5 September 2015.
  4. http://pogostick.net/~pnh/ntpasswd/HISTORY.txt The Offline NT Password Editor History