Joshua Clarke
General

Forgotten VM Password? How to Recover Access to Windows and Linux

Portrait of Joshua Clarke
Joshua Clarke 20 September 2025 4 min read
VMPassword RecoveryWindowsLinuxTroubleshooting

Learn two simple, effective methods to recover a forgotten password for your Windows or Linux virtual machine without rebuilding it.

Share this article
XLinkedInRedditEmail

Forgotten VM Password? How to Recover Access to Windows and Linux - Video Tutorial

Watch on YouTube →Subscribe
Continue Reading Below
4 min read

Forgotten VM Password? How to Recover Access to Windows and Linux

Have you forgotten the password for a Windows or Linux virtual machine? In cybersecurity, we're always building VMs for training or capture-the-flag exercises, and it's easy to forget a password if it isn't saved in a password manager. Don't spend ages trying to rebuild the VM from scratch; this guide will show you how to recover access and get back to work in minutes.

Companion Video Overview

What You'll See (Video Highlights):

  • A live walkthrough of recovering a forgotten password on a Linux (Ubuntu) VM.
  • A step-by-step guide to bypassing the Windows login screen using a system shell.
  • How to perform these actions in a safe lab environment.

Recovering a Linux VM Password

If you have physical access to a machine and its drive is not encrypted, you can recover access to it. For an Ubuntu VM, you can use the built-in recovery mode to get a root shell and reset the password.

Step-by-Step Recovery:

  1. Restart the VM and press Esc to enter the boot menu.
  2. Select Advanced options for Ubuntu and then choose the recovery mode from the list.
  3. Once in the recovery menu, select the option to launch a shell as root.
  4. The file system is typically read-only in this mode. Remount the root file system with read/write permissions by running the following command:
mount -o remount,rw /
  1. To find your username, you can display the contents of the /etc/passwd file. Your user-defined users will typically have a UID of 1000 or higher.
cat /etc/passwd
  1. Use the passwd command to set a new password for your user:
passwd [username]
  1. Reboot the VM. You should now be able to log in with the new password, keeping all your files and settings intact.

Recovering a Windows VM Password

Bypassing a Windows VM password requires a bootable Windows installation media ISO attached to the VM. You can replace the "sticky keys" utility with a command prompt to get an elevated shell at the login screen.

Step-by-Step Recovery:

  1. Shut down the VM and ensure a Windows installation media ISO is attached to the virtual CD/DVD drive in the VM settings.
  2. Start the VM and press Esc to enter the boot menu. Select the option to boot from the CD-ROM drive.
  3. When the Windows installation screen appears, press Shift + F10 to open a command prompt.
  4. Navigate to the host’s C drive and make a backup copy of the sethc.exe file. This file is the "sticky keys" utility.
copy C:\Windows\System32\sethc.exe C:\
  1. Now, copy the cmd.exe executable over the top of sethc.exe to replace it.
copy C:\Windows\System32\cmd.exe C:\Windows\System32\sethc.exe
  1. Reboot the VM. At the login screen, press Shift five times to trigger sticky keys, which will now launch a command prompt with SYSTEM privileges.
  2. Use the net user command to set a new password for your user account:
net user [username] [new_password]
  1. After logging in with the new password, the final step is to restore the original sethc.exe file. Reboot the VM and hold Shift while clicking restart to enter the recovery page. From there, open the command prompt via Troubleshoot > Advanced options > Command Prompt.
  2. Copy your backup sethc.exe file back to its original location to fix the system.
copy C:\sethc.exe C:\Windows\System32\sethc.exe

Common Pitfalls & Best Practices

  • Incorrect Windows Edition: These methods work best on VMs you have full administrative control over.
  • Encrypted Drives: Neither method will work if the VM's file system is encrypted with a tool like LUKS or BitLocker.
  • Password Management: The best practice is to always use a password manager to store important credentials for your VMs and other systems. I personally use and recommend ProtonPass, which offers a generous free plan. You can also get a discount when you sign up for one of their paid plans through my referral link.

Key Takeaways

It is simple to recover access to a VM after you have forgotten the password. These methods allow you to regain access without burning down the entire VM and losing your work. Next time, remember to pop your passwords in a password manager.

Additional Resources

Found this video helpful? Please give it a like and subscribe to the channel for more cybersecurity content.

Published on20 September 2025
Counting...
This article was published before the hit counter launched on Oct 2, 2025. So some hit data is missing.

Related Articles

Want More Cybersecurity Insights?

Subscribe to my weekly newsletter for exclusive tutorials, threat analysis, and industry updates delivered straight to your inbox.

Join cybersecurity professionals. No spam - just weekly insights on cybersecurity, cloud security, and digital forensics. Unsubscribe anytime.

Enjoyed this article?

Subscribe to my YouTube channel for more cybersecurity content and tutorials.

Subscribe on YouTubeRead More Articles