RSS Feeds
fix
Recover Lost Passwords with Free Tools
Posted by Gina Trapani at 2:00 AM on June 3, 2008
ACCESS DENIED. Those two bone-chilling words are the last thing you want to see when you're trying to log into a system or open a file, but they're not necessarily a dead end. Several free tools can help you find lost passwords you can't remember or that your computer has saved but obscured. Let's take a look at a few free remedies for lost password panic when you're trying to log onto a computer, network, or just figure out what's behind that string of asterisks.
Before we start, two things: First, use the information and utilities below to recover your own passwords, or to help out your desperate relative or co-worker with their consent—not to snoop in other people's stuff. Second, to avoid these last-resort password recovery utilities forever, use an encrypted database to keep track of your passwords.
Windows
When you can't log into that old Windows PC you haven't touched in years, try booting up using the Ophcrack Live CD. Ophcrack will detect all the users set up on your Windows systems, and reveal their passwords—if the passwords are relatively easy to crack. See Adam's screenshot tour of how Ophcrack works, and which Windows passwords it was able to crack and which it wasn't. Windows Applications
When you've saved a password in your FTP software, IM client, or any other application that boasts a password field filled with asterisks, you want a password reveal utility. Both Snadboy's Revelation (original post) and Nirsoft's Asterisk Logger can show you what's behind the ***** in most apps' password field.
Microsoft Outlook PST (Personal Folders) files: For that old email archive from three jobs ago that you locked with a password you can't remember, try PstPassword (original post). This free utility offers three possible passwords that can open the PST file.
Recover instant messenger passwords: Lost your MSN Messenger, Google Talk, AIM, Yahoo Messenger, Trillian, Miranda, or Pidgin password but you're logged in and you've saved the password on your computer? MessenPass can unearth them for you.
Network and Wireless Router Passwords
See what passwords your computer is sending across the network to log into various services with SniffPass. The free SniffPass captures the passwords that pass through your network adaptor, and displays them. SniffPass reveals passwords for POP3, IMAP4, SMTP, FTP, and HTTP (basic authentication passwords).
Reveal Wi-Fi network passwords: This one saved me when I arrived at Mom's newly wireless-enabled house, asked her what the password to log onto the network was, and got a blank look in response. The free WirelessKeyView (original post) reveals Wi-Fi passwords saved in Windows.
Default router passwords: Of course if you want to log onto a wireless router and think maybe the owner never changed the default, check out the router default password list to find the factory password for the router's model.
Mac OS X
While password crackers for the Mac are non-existent as far as I know (correct me if I'm wrong!), the Mac Keychain is the way to reveal many of the passwords you've saved on your system. Find the Keychain in your Applications/Utilities folder. You'll have to enter an admin password just to get into Keychain, but then you can click on any entry—like Wi-Fi networks or saved application passwords—to get details and see the passwords. Firefox Saved Browser passwords
Finally, if you're saving web site passwords in Firefox, it's easy to reveal them as well. In Firefox, from the Tools menu, choose Options, and in the Security tab hit the "Saved Passwords" button. Then hit "Show Passwords." Alternately, if you're on a page with a password field filled in with asterisks, you can use the "View Passwords" bookmarklet to see them (#10 on that list). (Of course, here's how to secure your passwords in Firefox with a master password.)Note: Much of the Windows software featured in this article is by Nirsoft, but the ones we mentioned are just the beginning. Check out Nirsoft's complete mother lode of freeware Windows password utilities.
What password recovery utilities have saved your bacon? Tell us about 'em in the comments.
Gina Trapani, the editor of Lifehacker, demands that you use your password superpowers only for good. Her weekly feature, Geek to Live, appears every week on Lifehacker.
Comments (AU Comments · US Comments)
Davo
Posted June 9, 2008 8:14 PM
I regularly need to get into Windows XP or Vista machines that dont no password for, i use a linux based LiveCD that just wipes the SAM and SYSREG files so that there isnt any passwords in them. Saves trying to crack md5 hashes..
robert
Posted October 6, 2008 10:26 AM
my password for yahoo does not work anymore...how can i get it to work. yahoo want details that i cant remember because i set up the account a long time ago.
pls help
gerbercj
Posted 2:39 AM 3/6/08
On the Mac you can use John the Ripper ([www.openwall.com]), but getting the password hashes in order to decrypt them takes some work. I haven't tried on 10.5.x yet, but there is some good information for the previous three cats here: [www.macshadows.com]
gerbercj
nikrox
Posted 2:29 AM 3/6/08
Some of these can wreak havoc in a corporate network. But then again when it comes to IT, one man's meat is another's poison really.
nikrox
Flugenhiber
Posted 2:20 AM 3/6/08
here's to hoping that kismac gets on it's feet again....
Flugenhiber
ITForensics214
Posted 2:46 AM 3/6/08
Does anyone know of a decent/freeware program that displays identities and passwords for Outlook Express 5x and 6x?
ITForensics214
sLydE
Posted 3:10 AM 3/6/08
mmmm....bacon
sLydE
mcv2
Posted 3:09 AM 3/6/08
Oh, if only someone would write a password cracker for my TrueImage backup that I have never been able to remember!
When a backup procedure went belly up I was relieved to remember I had made a disc image but horrified when I realised I'd forgotten the password for it - five years of work locked in an unopenable safe!
The work isn't critical but I would like it back one day. Apparently, even Acronis state there is no known way to crack it. Looks like a summer job with pen and paper.....!
mcv2
njudah
Posted 3:50 AM 3/6/08
Keychain is great in most cases, but sometimes I've noticed the passwords get stored in Safari's AutoFill feature, which makes it impossible (unless there is a way and I just haven't read about it ) to recover in some cases.
Plus, I've had problems trying to sync up my "main" Mac with my "old" Mac, in that it keeps taking old data from the "old" mac and replacing current info on the "main" Mac. I want one to be in charge and the other to take direction, not replace old data with new...
njudah
kborer22
Posted 3:47 AM 3/6/08
will any of these be able to recover a microsoft office key? I got a free copy of office 2007 but lost the paper with they key for it, and i have since replaced my computer. Any suggestions?
kborer22
DiegoVH
Posted 3:46 AM 3/6/08
What about .rar/.zip files? I've got a .rar backup I've forgotten the password for, any freeware / shareware reccomendations?
DiegoVH
interficio
Posted 3:37 AM 3/6/08
One of the best all around tools for doing stuff like this is Cain and Abel. It can sniff passwords, crack all kinds of passwords (with brute force, dictionary, and rainbow table attacks), reveal asterisks, and a lot of other stuff. Like a lot of the other tools, it can be used for good or evil.
interficio
Jay Elmore
Posted 4:09 AM 3/6/08
@njudah:
Keychain is great in most cases, but sometimes I've noticed the passwords get stored in Safari's AutoFill feature, which makes it impossible (unless there is a way and I just haven't read about it ) to recover in some cases.
That's one of the reasons I like 1Password: it uses browser plug-ins for Firefox and Safari so that the auto-form-filling features don't grab and store them.
1Password keeps them in a standard OS X keychain, although the site names are hashed so the only way to recover your passwords is through the 1Password app itself.
(And Gina, it's not necessary to use an admin password to open your Keychain. By default, a user's login keychain uses their login password. I run as a limited user on my laptop and I've never had to use the admin password to open Keychain.)
Jay Elmore
holocron
Posted 5:34 AM 3/6/08
Hmmm...MessenPass will not unpack or install.
holocron
robdew
Posted 6:18 AM 3/6/08
Just make sure if you use these tools, you have permission -- written permission -- to do so.
robdew
Dom
Posted 6:00 AM 3/6/08
I did a project about 3 years ago that required a little vba function in Excel, ive forgotten the password i put on it. Would these or any other utility be able to recover a password on a VBA project of an office document?
Dom
mcv2
Posted 6:38 AM 3/6/08
@Dom: I've used this in the past and it worked a treat:
[www.freewordexcelpassword.com]
mcv2
kz26
Posted 6:36 AM 3/6/08
ahem...this is lifehacker without the "life".
kz26
phearlez
Posted 9:30 AM 3/6/08
I'd like to find a brute force cracker for TrueCrypt, to go after the volume I foolishly created and then didn't use for several months... enough time to forget the password I assigned. I know it wasn't TOO strong, so a brute force attack might eventually work, and even if it doesn't it's not like I don't have the time - barring that I am never getting in.
phearlez
jmdeshazer
Posted 10:24 AM 3/6/08
@holocron: @holocron:
MessenPass gets detected as a virus by most anti-virus applications. Disabling your AV should allow it to run
jmdeshazer
basharo
Posted 10:44 AM 3/6/08
anyone knows how to open a RoboForm master password? :( ...don't ask.
basharo
sunnydayz
Posted 11:22 AM 3/6/08
@kborer22
Try SIW or Belarc Advisor, don't forget to have a look at the secrets if using SIW.
sunnydayz
atomicrabbit
Posted 1:35 PM 3/6/08
Asterisk Key is a also good utility that shows passwords under the asterisks in password boxes. I've been using it for a long time, but some virus scanners pick it up as a virus.
atomicrabbit
nikrox
Posted 5:13 PM 3/6/08
@jmdeshazer: While I agree that AV can be a real paranoid virtual mother at times I would be very suspicious if a commercial product gets flagged by the majority of AVs.
nikrox
Mysterius
Posted 5:55 PM 3/6/08
@phearlez: I don't have the foggiest clue, but you might want to think about going over to the Truecrypt forums and asking around there to get an informed opinion.
[forums.truecrypt.org]
Mysterius
soldstatic
Posted 6:10 PM 3/6/08
For those who wish to use something like ophcrack but the hard passwords aren't working, or something similar, you can do a quick search for rainbow table torrents and download the rainbow tables to use. For instance, rainbowtables.shmoo.com, or [thepiratebay.org]
for instance. Just make sure you have TONS of space for them ;)
Also, for windows, I prefer cain and able, you can accomplish what multiple programs can do all inside the one.
soldstatic
quixiotic
Posted 8:12 PM 3/6/08
I would love a solid Cain and Abel user guide or tutorial, I have been trying to dump the SAM on a lab computer with it for weeks and haven't been able to. Among other mischevious things I do within my network.
quixiotic
ParaXnoia
Posted 12:06 AM 4/6/08
@quixiotic: You're going to need more than Cain and Abel to crack much of anything on modern Windows computers. There's a tutorial on their website, [www.oxid.it] .
@phearlez: Don't waste your time, it's next to impossible.
ParaXnoia
gmp352
Posted 12:51 AM 4/6/08
@kborer22: You want to use the Magical Jelly Bean key finder: [magicaljellybean.com]
gmp352
minealone6
Posted 1:28 AM 4/6/08
Ophcrack worked good for me, but I had a short password. The article says that it can usually find the password if it's 14 characters or less. So my next password will be:
"morethan15characters"
minealone6
KingsleyScratchy
Posted 5:34 AM 3/6/08
To recover lost XP or MS Office keys you can use a program called ProduKey from here: http://www.nirsoft.net/utils/product_cd_key_viewer.html
KingsleyScratchy
dguido
Posted 2:57 AM 3/6/08
You guys didn't mention Cain & Abel. [www.oxid.it]
ITForensics214, I'm almost positive that Cain will dump Outlook Express identities and passwords.
-Dan
[isisblogs.poly.edu]
dguido
wibbler
Posted 6:17 AM 3/6/08
@kborer22: You'll need the Magic Jelly Bean Keyfinder :
[www.magicaljellybean.com]
@Dom: maybe Straxx can help: [www.straxx.com]
wibbler