chntpw man page

chntpw — utility to overwrite Windows NT/2000 SAM passwords


chntpw [options] <samfile> [systemfile] [securityfile] [otherreghive] [...]


This manual page documents briefly the chntpw command. This manual page was written for the Debian distribution because the original program does not have a manual page.

chntpw is a utility to view some information and change user passwords  in a Windows NT/2000 SAM userdatabase file. It is not necessary to know the old passwords to reset them.  In addition it contains a  simple registry editor (same size data writes) and hex-editor with which the information contained in a registry file can be browsed and modified.



Show summary of options.

-u username

Username to change. Default is Administrator


List all users in the SAM database.


Interactive: list all users (as per -l) and then ask for the  user to change.


Registry editor with limited capabilities.


Use buffer debugger.


Show hexdumps of structs/segments (deprecated debug function).


chntpw sam system

Opens registry hives sam and system and change administrator account. This will work even if the name has been changed or it has been localized (since different language versions of NT use different administrator names).

chntpw -u jabbathehutt mysam

Prompts for password for jabbathehutt and changes it in the mysam registry file, if found (otherwise do nothing)

See Also

If you are looking for an automated procedure for password  recovery, you might look at the bootdisks provided by the upstream author at
There is more information on how this program works available at /usr/share/doc/chntpw. This information includes in-depth information on how the  registry works, what are syskeys and some other issues.


This manual page was written by  Javier Fernandez-Sanguino <>, for the Debian GNU/Linux system (but may be used by others).


30th May 2002