Windows 7 : Sharing and Securing with User Accounts - Creating a Password Reset Disk, Running Programs as Administrator

9/15/2012 3:06:46 AM

1. Creating a Password Reset Disk

A password reset disk is an important part of any password-protected PC. It's the only method of password recovery that allows you to retain all data in an account in the event of a forgotten password. Advanced features such as EFS (Encrypting File System) encryption, personal certificates, and stored network passwords can be recovered only by using a password reset disk.

The main trick is to create the password reset disk before you forget the password. You can't do it after you've forgotten the password. Keep that disk in a safe place where you can find it when you need it, but where others can't find it to gain unauthorized access to the administrative account.

Jump Drive? Memory Card?

A jump drive (also called a USB flash drive) is a small device that plugs into a USB port on your computer and looks and acts like a disk drive. A memory card is a storage device commonly used to store pictures in digital cameras. If your computer has slots for such cards, you can slide a card into the slot and treat the card just as you would a USB flash drive. 

To see examples and get an idea of costs, check out some online retailers. Then search the site for jump drive or memory card reader to view available products. If you're looking at memory card readers, the kind that plugs into a USB will be the easiest to install. Many retail department stores that sell computer or office supplies also carry flash drives.

A floppy disk or jump drive works equally well as a password recovery tool. If your computer doesn't have a floppy disk drive, you can use a jump drive or memory card instead. However, a memory card will work only if your computer has slots for inserting a memory card.

To create a password reset disk, log in to the password-protected administrative account you created. Then insert a blank floppy disk in the floppy drive. Or connect a jump drive to a USB port, or put a spare memory card in a memory card slot. Then get to the main User Accounts page. If you've already closed the user account window, press , type user, and click User Accounts on the Start menu. Or go through the Control Panel (click the Start button and choose Control Panel => User Accounts and Family Safety => User Accounts). Then follow these steps:

  1. In the left column, click Create a Password Reset Disk.

  2. Read the first page of the wizard that opens and click Next.

  3. Choose the drive into which you inserted the floppy, or the drive letter that represents the jump drive or memory card; then click Next.

  4. Type the password for the administrative account into which you're currently logged and click Next.

  5. When the progress indicator is finished, click Next and then Finish.

Keep the disk (or drive, or card) in a safe place. If you use a jump drive that you also use for other purposes, make sure you don't erase the userkey.psw file. That's the file needed for password recovery.

1.1. Using the password reset disk

If you ever need to use the disk (or drive, or card) to get into the administrative account, first start the computer and click the administrative account for which you created the password reset disk. Take a best guess at the password and press Enter.

If the password is rejected, insert the floppy disk, jump drive, or memory card you created as a password reset disk. Wait a few seconds for Windows to recognize and register the item. Then click Reset Password under the password hint on the login screen.

Follow the instructions presented by the wizard that opens. You won't be required to remember the original password. Instead, you create an entirely new password and hint for the account. Use that new password whenever you log in to the account from that point on.

1.2. Cracking into standard user accounts

If a standard user forgets his or her password, you can use an account that has administrative privileges to get the standard user back into his or her account. If you're an administrator and just want to see what a standard user is up to, you can use this same technique to remove the password from the account and have full access to its folders.

This approach will cause the standard user to lose access to encrypted files and e-mail messages you create in an e-mail program such as Windows Live Mail. If the standard user is advanced enough to use those things, it is better to use a password reset disk to gain access to the account.

To remove the password from a standard user account:

  1. Log in to a user account that has administrative privileges.

  2. Get to the Manage Accounts page (click the Start button and choose Control Panel => Add or Remove User Accounts).

  3. Click the password-protected account for which the user has forgotten the password.

  4. Click the Remove the Password button.

The standard user account will no longer be password-protected. Anybody can log in to that account from the login page just by clicking the user's account icon.

2. Running Programs as Administrator

Most newer programs work with UAC's privilege escalation on the fly. But sometimes that won't work, especially with older programs. You can run any program with administrative privileges by right-clicking its startup icon and choosing Run as Administrator, as in the example shown in Figure 1.

Figure 1. Run a program as administrator.

The same method works for programs that you can't launch from the Start menu. Use Windows Explorer to get to the folder that contains the executable file for the program. Then right-click the filename and choose Run as Administrator.

You can make older programs that aren't part of Windows 7 run with elevated privileges automatically by changing program compatibility settings. Right-click the startup icon for the program, or the executable file's icon, and choose Properties. In the Properties dialog box, click the Compatibility tab. Then, under Privilege Level, select Run This Program as an Administrator and click OK.

If the option to run the program as an administrator is disabled, then one of the following is true: the program doesn't require administrative privileges to run; you are not logged in to an administrative account; or the program is blocked from always running elevated.

  •  A Cost Effective Printer?
  •  Get More Out Of Windows 7 (Part 4)
  •  Get More Out Of Windows 7 (Part 3)
  •  Get More Out Of Windows 7 (Part 2)
  •  Get More Out Of Windows 7 (Part 1)
  •  MSI R7970 Lightning - A Powerful Card with Some Great New Ideas
  •  Transcend's aXe RAM Does The Trick
  •  Information Station For Data Storage and Transfer Devices
  •  Konica Minolta Magicolor 3730DN
  •  Windows Server 2003 : Building an Active Directory Structure (part 4) - Managing Users and Groups - Using LDAP to create users, Delegation
  •  Windows Server 2003 : Building an Active Directory Structure (part 3) - Managing Users and Groups - Creating users and groups
  •  Windows Server 2003 : Building an Active Directory Structure (part 2)
  •  Windows Server 2003 : Building an Active Directory Structure (part 1) - The First Domain
  •  Windows Server 2003 : Active Directory Objects and Concepts
  •  Connecting To A Virtual Private Network From Your MAC
  •  Tips, Tricks And Tweaks For Microsoft's Mighty, Windows 7
  •  Maintaining Your Windows XP System : Backing Up Your Files
  •  Maintaining Your Windows XP System : Defragmenting Your Hard Disk
  •  Asus P8Z77-V Premium : Loads Up Every Conceivable Feature
  •  Brother DCP-J140W
    Top 10
    Nokia Lumia 810 – T-Mobile (Part 4)
    Nokia Lumia 810 – T-Mobile (Part 3)
    Nokia Lumia 810 – T-Mobile (Part 2)
    Nokia Lumia 810 – T-Mobile (Part 1)
    Samsung Galaxy SIII Mini - A Small Galaxy Having Few Stars (Part 4)
    Samsung Galaxy SIII Mini - A Small Galaxy Having Few Stars (Part 3)
    Samsung Galaxy SIII Mini - A Small Galaxy Having Few Stars (Part 2)
    Samsung Galaxy SIII Mini - A Small Galaxy Having Few Stars (Part 1)
    Acoustic Energy 301 Loudspeaker - Metal Master (Part 2)
    Acoustic Energy 301 Loudspeaker - Metal Master (Part 1)
    Most View
    On Test - Postcard Apps (Part 2)
    SQL Server 2008: Working with System Databases
    SharePoint 2007 : Use the Datasheet View to Add, Edit, or Delete Items and Files
    Powered By Windows (Part 2) - Toshiba Satellite U840 Series, Philips E248C3 MODA Lightframe Monitor & HP Envy Spectre 14
    Windows 7 : Changing a Printer's Properties
    DirectX 10 Game Programming : 3D Primer - Matrix Scaling, Matrix Translation
    IIS 7.0 : Editing Configuration - Understanding Configuration Errors
    AMD Radeon HD7750 : Single slot awesomeness
    SQL Server 2005 : Using Excel (part 1) - Working Within Excel
    Social media and the workplace
    New Year Gift Guide 2013 (Part 2)
    Review: Nikon D4 – The master of the dark arts (Part 1)
    Skullcandy Headphones
    Asus Zenbook Prime UX31A Touch Review - New Touchscreen And Equally Stable Performance (Part 1)
    Panasonic LUMIX LX7: A High-end PnS With f/1.4-2.3 Lens And 11fps Continuous Shooting
    Review: NVIDIA GeForce GTX 680
    SilverStone Heligon HE02 CPU Cooler – An Efficient Silence From A Giant (Part 3)
    The Path to Shellcode
    iPhone Application Development : Understanding Table Views and Navigation Controllers