Ophcrack – A Password Hack Tool to Crack Almost Any Windows Password

Simon Slangen 17-07-2009

There are a lot of different reasons why one would want to use any number of password hack tools to hack a Windows password. Of course, there are the good-hearted reasons, like helping your grandpa because he forgot his password and is locked out of his own computer. Then, there are the more dubious reasons, like spying on your accountant.


In the past, MakeUseOf has published other password-cracking related articles. Those who are interest should check out T.J. Miniday’s 3 Ways to Reset Forgotten Windows Administrator Password 3 Ways to Reset a Forgotten Windows Administrator Password Forgetting your computer password is scary, but you still have options. Here are three easy methods to reset your Windows administrator password and get back into your computer. Read More .

However, there might be circumstances in which you’d need unnoticed access – being able to use the terminal without literally changing the password.


That’s where Ophcrack comes in. Ophcrack is one of the more effective password hack tools that runs via Windows, Mac and Linux installations or on a Live CD, and it can be used to crack almost any Windows password.

To manage this, Ophcrack uses rainbow tables to guess the password. When a working one is encountered, it is presented to you, and you can simply log in with it. One would think this “guessing” takes a lot of time, but that’s just where the power of rainbow tables lies.



Rainbow Tables in a Nutshell

Operation systems don’t store the user passwords in plain text — that’d be highly insecure, and even right out stupid. Instead, they calculate the hashes of the passwords by putting the passwords through a one-way hash function and store those. When one would obtain these hashes, they would still be rather useless; the password needs to be entered, after which the hash needs to be calculated and compared to the stored password hash.

e.g. ‘’ would become ‘9fb883363640e11970be10a5936a37fc:b35f6f8268073d2242e0cd8b72554d8a’ when converted to Windows XP’s LM hash.

A rainbow table is basically an enormous list of passwords — basically every password a brute force attack would try — with their respective hashes included. Although this table takes a lot of time to generate, it can reduce the cracking of passwords to minutes, or even seconds.

Downloadable Tables

Ophcrack supplies a few of these rainbow tables, free, for your use. They’re included in the Live CD, can automatically be retrieved from the Windows executable, or downloaded from the Ophcrack website. We’ll quickly look over the available tables, and their possibilities.

For Windows XP, Ophcrack supplies two alphanumeric tables. With these, you can crack 99.99% of all passwords under 14 characters, consisting of a combination between letters and numbers — abcdefghijklmnopqrstuvwxyz0123456789. Because the LM hash used by Windows XP is insensitive to capitalization, these hash tables contain 80 billion different hashes, corresponding with 12 septillion possible passwords.



You can choose between the XP free small and the XP free fast tables. These can both be used to crack the same passwords, but because the XP free fast table is twice as large, you can crack them in half the time.

The downside of both tables is their unability to crack passwords with special characters — these can only be cracked using the premium XP special tables.

For Windows Vista, which abandoned the weak LM hash, and moved on to the stronger NT hash, there are less possibilities. Currently, Ophcrack only gives away a table with dictionary-words and variations (hybrids) for free. If you’re willing to cough up a lot of money (about 99$), they also provide alphanumerical tables – including special characters.



Because the NT hash is subjective to capitalization, and allows a much greater password length (whereas the LM hash simply splits large sequences up in multitudes of smaller strings), these premium rainbow tables can range in size from 8GB to over 130GB.

And that’s the essence of it. There’s some more technical information (a real how-to) in the Ophcrack help files (included in the downloads).

If you’re shivering in your boots after reading this article and thinking,”Gosh, everyone’s going to know how to hack my password. What shall I do?” Then it may be a good time to create a stronger password. Stefan wrote about 5 free password generators The 5 Best Online Password Generators for Strong Random Passwords Looking for a way to quickly create an unbreakable password? Try one of these online password generators. Read More that will help you make nearly unhackable passwords, no matter what password hack tools a hacker tries to use. It’s a good start.


So, what do you think? Is Ophcrack really the pot of gold at the end of the rainbow, or hardly worth one’s attention? — Let us know your experiences, opinions and questions in the comments section below.

Related topics: Encryption, Online Privacy, Password.

Affiliate Disclosure: By buying the products we recommend, you help keep the site alive. Read more.

Whatsapp Pinterest

Leave a Reply

Your email address will not be published. Required fields are marked *

  1. Ozil
    June 7, 2017 at 8:30 am

    I run the program on my Windows 10 machine and get an error "table not found". It seems Ophcrack no longer work on the latest Windows 10 build. Luckily, I got it fixed with UUkeys Windows Password Mate. Though it costs a few bucks, it is much easy to go with.

  2. Chris
    January 27, 2010 at 7:07 pm

    thanx, I have other method to recover windows password now.

  3. Chris
    January 27, 2010 at 6:43 pm

    You can reset windows user account password in safe mode(F8 when booting up). But if you forgot administrator password, you must reinstall windows OS or use windows password recovery disk.

  4. debi
    January 4, 2010 at 9:08 am

    please can anyone help me get my passwords bk to my msn and hotmail account as my ex-partner as changed them

    • Simon Slangen
      January 4, 2010 at 9:52 am

      Try the default password recovery (secret question), or otherwise contact Windows Live support. They're best equipped to help you with this.

  5. Fiona
    December 23, 2009 at 11:40 pm

    Free trail Windows Password Recovery Tool---Windows Password Unlocker is highly recommended
    1.Download Windows Password Unlocker from Password Unlocker Official site
    2.Decompress the Windows password unlocker and note that there is an .ISO image file. Burn the image file onto an blank CD with the burner freely supported by Password Unlocker.
    3.Insert the newly created CD into the locked computer and re-boot it from the CD drive.
    4.After launched the CD, a window pop up with all your account names(if you have several accounts) select one of the accounts that you have forgotten its password to reset it. Just one press, you have removed the password

  6. Cena
    December 14, 2009 at 3:58 pm

    Wow well detailed... but can you also provide some info on recovring lost passwords of windows vista??

  7. HellKid
    November 6, 2009 at 7:55 pm

    someone steal my logout file on da hosting and it's said da password was encrypted and should be opened using a password encrypter tool, anybody wanna help me out please..?

    • NoEbonics
      February 10, 2010 at 3:28 pm

      Sure, I'll help you. It's spelled "THE", not "DA".

      There, that should help you quite a bit in life.

  8. suzie
    November 5, 2009 at 8:31 am

    Help!!! Please!!.....Hi all from a computer novice, please be gentle with me lol....I have just downloaded ophcracklive cd for vista, ii burned the cd and then ran it on the computer but somethings not quite right.......I'm ending up with the black screen, loads of stuff on there that i don't understand but the last message says.."passwords have been saved in /tmp/ophcrack.txt. Does anyone have a clue what i've done wrong and how to put it right....pleeeeeeeeeeease, it's driving me insane lol...Many thanks...Suzie.

    • wpsarbrina
      December 22, 2009 at 10:53 pm

      You can try Password Genius. It works for me.

  9. Andy
    October 10, 2009 at 10:42 pm

    If you don't want to reformat your system, I think you have to make a rest disk or use some tool to do all the job for you. Such as Windows Password Recovery Tool 3.0. Burn a boot CD with the program, and insert it into the problem computer and your password will be reset to "Blank".

  10. Atomuhr
    September 25, 2009 at 6:37 am

    Used it in Vista, it worked, password was easy though (12345)

  11. Aryan
    August 16, 2009 at 11:29 am

    Latest Hacking Tools and Yahoo hacks only on [Broken Link Removed]

  12. hackercracker
    August 3, 2009 at 7:31 pm

    this is 100% legit. i have a live cd for vista and xp. its worth having just in case. just ignore the warnings from antivirus scanners. they dont want you to have a password crack tool, maybe because you can crack any laptop/desktop with this.

  13. linky1124
    July 22, 2009 at 1:28 am

    it didn't work sometimes.
    then my friend recommend another recovery tool to me.
    and it work.

  14. Yodster
    July 18, 2009 at 8:35 am

    I am curious about one thing. Other than cracking a password without showing it has been cracked, how is this better than clearing our th windows passwords with the many live CDs out there?

    Clearing out the password tends to take a minute or so and allows you to just login. Is there any sort of data loss that doesn't occur when the password is cracked?

    • Simon Slangen
      July 18, 2009 at 9:31 am

      No, clearing out the password has the same result. Except, of course, that the password is then gone.

      • Leo
        November 19, 2009 at 8:54 am

        Actually, I'm afraid you are incorrect on that account.
        Ther is infact data loss that occurs when you clear or force a change upon a user password. Or rather data loss that *could occur* Your security encryption keys are linked to your name/password combination at the time the password is set using the proper creation tool. If you use a tool that forces a change on the password, it does not update the encrytion keys associated with your account, thus creating a loss of any files using the EFS (Encrypting File System) in windows.

        The only way to recover said lost data is if you already had a backup-operator/recovery operator account created with saved copies of the encryption keys exported for later data recovery scenarios. While such is the suggested practice is large corporate scenarios, it's rarely followed even there, none the less on a home user's computer.

  15. Raul
    July 17, 2009 at 5:35 pm

    Well my anti-virus calls this a malware!

    • Sean
      July 17, 2009 at 6:34 pm

      Well good for you! Go have a cookie...

      Get a new AV engine or report the false-positive. Ophcrack isn't a virus.

      • Simon Slangen
        July 17, 2009 at 6:44 pm

        That's right. With Ophcrack's popularity and the complete absence of any reported problems, Occam's Razor rules out the malware possibility.

        Security companies just don't like rainbow tables/brute force/... in their eyes this might be enough to label it malware.

  16. Carl
    July 17, 2009 at 2:19 pm

    Will this work with the system password? I have a password I cannot remember on my laptop before I get to the XP login.

    • Roger
      July 28, 2009 at 12:40 pm

      Pretty much all motherboard manufacturers provide a jumper(towers) or dipswitch(laptops) for overriding/resetting a bios password.
      Check out

    • Leo
      November 19, 2009 at 9:00 am

      Heh heh, BIOS passwords are a trivial issue if you are the device owner and can take your time. First, there are large lists published to the internet of those master codes you're refering to, but more importantly...

      A BIOS password is stored in volatile memory that is supported by the CMOS battery (Little watchbattery looking thing the size of a washer.) Remove the laptop battery, AC-adapter cord and then pen the laptop and remove the CMOS battery. Attempt to power it on a few times (Hold power button for 45seconds or so, repeat) This is usually enough to drain the residule charge from the capacitors and wipe the volatile memory. If that fails, do it again, and wait 24-48hours before putting any power back to the device.

  17. Merryann Palmer
    July 17, 2009 at 2:08 pm

    I really need something like this to get into my old Toshiba with XP. BUT - when I downloaded, AVG informed me the file is infected with a Trojan and killed it.

    Is this something it's supposed to have, or did someone slip it in the installer?

    • Simon Slangen
      July 17, 2009 at 6:37 pm

      It isn't uncommon for a 'password cracker' to be labeled bad-ware. To my knowledge, AVG is (one of) the only anti-virus apps waving the red flag with Ophcrack - and still without reason.

      • Simon Slangen
        July 18, 2009 at 9:38 am

        There was a ticket submitted (and resolved) to Sourceforge about this issue. I quote:

        * resolution set to fixed


        ophcrack is a password retrieval tool. Accordingly, many virus utilities will flag it as potentially harmful, as it is. Used properly and lawfully, there is likely nothing wrong with it.

        Thank you,

        David Burley
        Systems Programmer/Analyst,

  18. Binoyxj
    July 17, 2009 at 12:26 pm

    Sounds interesting.Gonna test this tool now.Thanks for sharing.

    • Steve
      March 10, 2015 at 11:57 am

      Cant use it because I havent the password to my computor (stupid software)