Local user accounts

Top  Previous  Next

If you work with the local (SAM) accounts, you get the list of all local accounts after selecting the operating system or SAM and SYSTEM files:

 

sam_accounts

 

The accounts that has Administrator rights (privileges) are highlighted with the green color, and the accounts that are locked or disabled are colored with red.

 

You can also enable Show password hashes option to see the LM and NTLM hashes for all accounts that have non-empty passwords, and Show password history option to see the 'old' records that are available (if saving the password history is enabled in the given system).

 

Simply select the account you want to change the password or properties for, and press Next; and you will get a detailed information about it:

 

sam_change

 

Here you can reset/change the password as well as the following account properties:

 

Administrator account

Password never expires

Password expired

Account disabled

Account is locked out

 

After you make necessary changes, press Apply. You will be prompted for location and name of backup copy of SAM database.

 

It is NOT recommended to just reset the password (set the empty password as a new one) -- instead, select the new (complex) password for security reasons. Please also note that the local security policy may be applied, and so while you're able to set any (even empty) new password, you might not be able to log on with that new password if it does not comply the password policy. Finally, you cannot give Administrator privileges to built-in accounts such as Guest; it is also not recommended to change the password or any properties for any accounts in Guests user group.