Before we are going to explain how you can reset the system password of one of your servers manually, we would like to draw your attention to the task “Password reset”, which is available in your Contabo customer control panel. This task could save you the effort explained in this tutorial in many cases. With it you can also reset the system password which is most likely “root” (Linux) or “Administrator” (Windows). Note that if you use advanced features, such as custom OS images, your username may be different, typically admin. Double-check your default username in the Customer Control Panel, section VPS, VDS or Server control:
The task “Password reset” is available in your Contabo customer control panel for Dedicated Servers in the “Server control” and for VPS in the “VPS control” after hovering the pointer over the “Manage” button:
First of all, please read the following important instructions about this tutorial:
Please note that this tutorial only works for Windows Server 2012 or 2016. Newer versions starting with Windows Server 2019 have a different password reset policy.
During this tutorial you are going to advance deeply into your operating system, so we kindly ask you to be careful while running these commands. Furthermore, we ask for your understanding that Contabo is not liable for damages or data loss of your operating system.
Please also be informed that this tutorial is not working on Dedicated Servers with Windows operating systems without a KVM over IP device. We kindly ask you to open a ticket at [email protected] if we should assist you.
Please go to your Contabo customer control panel for performing a reboot of your VPS or Dedicated Server into the rescue mode. To do so, you have to navigate to “Your services” in the menu on the left, followed by “Manage”, then choose “Rescue System”.
(The login credentials of your customer control panel have been sent in our initial e-mail to your authorized e-mail address.)
Password reset for Linux:
1. List system partitions:
[email protected] /root % fdisk -l
....
Device Boot Start End Blocks Id System
/dev/sda1 * 2048 961146879 480572416 83 Linux
/dev/sda2 961146880 976771071 7812096 82 Linux swap / Solaris
....
2. Mount system partition:
[email protected] /root % mount /dev/sda1 /mnt
3. Now you can change to the mounted environment:
[email protected] /root % chroot /mnt /bin/bash
4. Reset the root password:
[email protected]:/# passwd root
Enter new UNIX password: <NEW PASSWORD>
Retype new UNIX password: <NEW PASSWORD>
passwd: password updated successfully
5. The root password has been changed, please exit the rescue mode and reboot your server back to the operating system:
[email protected]:/# exit
[email protected] /root % reboot
Now you should be able to login using the new password.
Password reset for Windows Server 2012 or 2016:
1. List system partitions:
[email protected] /root % fdisk -l
....
Device Boot Start End Sectors Size Id Type
/dev/vda1 * 2048 718847 716800 350M 27 Hidden NTFS WinRE
/dev/vda2 718848 629143551 628424704 299.7G 7 HPFS/NTFS/exFAT
....
2. Mount system partitions:
[email protected] /root % ntfs-3g /dev/vda2 /mnt
Please note: If now an error message appears, please enter the following command before you are going to mount the system partition:
[email protected] /root % ntfsfix /dev/vda2
Mounting volume... OK
Processing of $MFT and $MFTMirr completed successfully.
Checking the alternate boot sector... OK
NTFS volume version is 3.1.
NTFS partition /dev/vda2 was processed successfully.
3. Now you can change to the system directory:
[email protected] /root % cd /mnt/Windows/System32/config
4. Print all system users:
[email protected] /root/mnt/Windows/System32/config % chntpw -l SAM
chntpw version 1.00 140201, (c) Petter N Hagen
Hive <SAM> name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf>
File size 262144 [40000] bytes, containing 8 pages (+ 1 headerpage)
Used for data: 302/27480 blocks/bytes, unused: 28/5032 blocks/bytes.
| RID -|---------- Username ------------| Admin? |- Lock? --|
| 01f4 | Administrator | ADMIN | |
| 01f5 | Guest | | dis/lock |
5. Reset the Administrator password:
[email protected] /root/mnt/Windows/System32/config % chntpw SAM -u Administrator
chntpw version 1.00 140201, (c) Petter N Hagen
Hive <SAM> name (from header): <\SystemRoot\System32\Config\SAM>
ROOT KEY at offset: 0x001020 * Subkey indexing type is: 666c <lf>
File size 262144 [40000] bytes, containing 8 pages (+ 1 headerpage)
Used for data: 302/27504 blocks/bytes, unused: 28/5008 blocks/bytes.
================= USER EDIT ====================
RID : 0500 [01f4]
Username: Administrator
fullname:
comment : Built-in account for administering the computer/domain
homedir :
00000220 = Administrators (which has 1 members)
Account bits: 0x0010 =
[ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account | [ ] NMS account |
[ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act |
[ ] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0x08) |
[ ] (unknown 0x10) | [ ] (unknown 0x20) | [ ] (unknown 0x40) |
Failed login count: 0, while max tries is: 0
Total login count: 82
- - - - User Edit Menu:
1 - Clear (blank) user password
(2 - Unlock and enable user account) [seems unlocked already]
3 - Promote user (make user an administrator)
4 - Add user to a group
5 - Remove user from a group
q - Quit editing user, back to user select
Select: [q] > 1
Password cleared!
================= USER EDIT ====================
RID : 0500 [01f4]
Username: Administrator
fullname:
comment : Built-in account for administering the computer/domain
homedir :
00000220 = Administrators (which has 1 members)
Account bits: 0x0010 =
[ ] Disabled | [ ] Homedir req. | [ ] Passwd not req. |
[ ] Temp. duplicate | [X] Normal account | [ ] NMS account |
[ ] Domain trust ac | [ ] Wks trust act. | [ ] Srv trust act |
[ ] Pwd don't expir | [ ] Auto lockout | [ ] (unknown 0x08) |
[ ] (unknown 0x10) | [ ] (unknown 0x20) | [ ] (unknown 0x40) |
Failed login count: 0, while max tries is: 0
Total login count: 82
** No NT MD4 hash found. This user probably has a BLANK password!
** No LANMAN hash found either. Try login with no password!
- - - - User Edit Menu:
1 - Clear (blank) user password
(2 - Unlock and enable user account) [seems unlocked already]
3 - Promote user (make user an administrator)
4 - Add user to a group
5 - Remove user from a group
q - Quit editing user, back to user select
Select: [q] > q
Hives that have changed:
# Name
0 <SAM>
Write hive files? (y/n) [n] : y
0 <SAM> - OK
6. The Administrator password has been changed, you can check this as follows:
[email protected] /root/mnt/Windows/System32/config % chntpw -i SAM
===== chntpw Edit User Info & Passwords ====
| RID -|---------- Username ------------| Admin? |- Lock? --|
| 01f4 | Administrator | ADMIN | *BLANK* |
| 01f5 | Guest | | dis/lock |
Please enter user number (RID) or 0 to exit: [1f4] 0
Please note: The *BLANK* entry indicates, that currently no Administrator password is set!
7. Exit the rescue mode and reboot your server back to the operating system:
[email protected] /root % reboot
8. Last of all, you can login to your server via VNC without password for setting a new password. Therefore, please choose one of the following options:
(The login credentials of your VNC access have been sent in our initial e-mail to your authorized e-mail address)
Primary option (for 2012 or 2016 version only)
Control panel > User accounts > User accounts > Manage accounts > Change account > Create password
Alternative option (for 2012 or 2016 version only)
Please open the command prompt on the desktop and enter the following command:
C:\Users\Administrator> net user Administrator <password>
A new password has been created, it is valid for the “Administrator” user account from now on.