Root Password Hacking

Years ago I wrote a tutorial about resetting a lost root password on most Linux distributions.
Simple stuff like passing boot parameters to Grub and Lilo, yet it became somewhat popular, and it’s still floating around many forums.

Well, people are still forgetting their passwords, so here’s a new “cross platform” tutorial and how-to on resetting your personal and root passwords.

This time it’s for GNU/Linux, Mac OS X and Windows.

Warning

Use these instructions at your own risk. I’m not responsible for any damage they might cause.
Also, only use these instructions on your own machines, or get permission before you do anything.
These instructions require physical access to the machine (and that is exactly why a lost password is recoverable: whoever can boot the box from their own media owns it).

Mac OS X

Let’s start with the easiest one, the Mac.
If you don’t have a Firmware Password enabled, resetting your password is really easy: just follow the instructions on Apple’s support site. All you need is the installation disk.

I’m not going to rewrite those instructions since the ones provided by Apple are sufficient.
On the other hand, if for some reason those instructions fail or you don’t have an installation disk, all is not lost.

I Can’t Remember The Firmware Password


In most cases changing the amount of physical memory (RAM) installed, and then resetting the PRAM at boot, will clear the Firmware Password on a Mac of this era.
Apple doesn’t publish much about how the firmware in Macs (Open Firmware on PowerPC, EFI on Intel) handles this, but it is a very simple hack that you could try. It also shows what the firmware password is worth: it only stops people who can’t open the case.
If this doesn’t help, you’re going to need to access the hard drive outside of the machine.

I Don’t Have The Disk!


In this case you’re going to need to access the hard drive.
The easiest way to do this is to boot your Mac into single user mode by holding Command-S at startup. It boots straight to a root command line with the filesystem mounted read-only (the prompt suggests running /sbin/fsck -fy first; do that), after which you remount the filesystem to get write permissions:

mount -uw /

Then you can either edit the Open Directory files to reset your password or, more easily, remove the /var/db/.AppleSetupDone file so the OS thinks it’s a fresh machine and runs the first-boot Setup Assistant on the next boot. The assistant creates a new administrator account; log in as it and reset the old account’s password from System Preferences (Accounts). The old accounts and their data are left alone. The command is:

rm /var/db/.AppleSetupDone

Afterwards just reboot the machine:

reboot

If these fail, boot from a live Linux distribution that can mount the filesystem your OS is on (HFS+), or take the hard drive out and mount it in another machine.

Windows

There are many good tutorials on resetting Windows passwords, so I don’t think there’s a need for a new one (and to be honest, I don’t really care). But if you’re looking for great tools, here are my personal favorites:

  • Ophcrack is a simple open source tool that cracks LM and NTLM hashes using rainbow tables, so it recovers the old password rather than replacing it.
  • ntpasswd (the Offline NT Password & Registry Editor) is a boot disk that resets or blanks account passwords and edits the Windows registry offline, without knowing the old password.

Ubuntu

If you use a Linux distribution, have lost your password and don’t know how to reset it, you’re probably an Ubuntu user. Nothing bad, this is just the most likely scenario as more and more “human beings” have gotten tired of Windows.

There are some differences between current, future and old releases of Ubuntu, like how the recovery mode works and which Grub they ship. I’m going to focus on 8.04 LTS and 9.10, and have a look at what to expect in the future.

Until these very latest Ubuntu releases the security against someone with physical access hasn’t been that good, which made resetting passwords really easy.
With the newer releases you can’t just boot the machine into recovery mode and change the root password, if you’ve set one: the recovery shell asks for it first.

I haven’t set a root password

Most users simply use sudo to run commands that require root permissions, or they use GUI tools and never touch the command line.
If that’s your case, you haven’t set a root password (or you’ve set it and remember it) and have only forgotten your user account’s password, you’re lucky.


Just select recovery mode from the Grub menu. If the menu is hidden you need to bring it up while Grub is loading: press ESC on releases with Grub legacy (8.04), or hold Shift on Grub 2 (the default on new 9.10 installs).

After the machine boots you’ll get the recovery mode menu; select “Drop to root shell prompt”.

Now you can change either the root or the user password.
“passwd” changes root’s password and “passwd toni” changes Toni’s. If passwd complains that the filesystem is read-only, remount it with “mount -o remount,rw /” first.
Note that on Ubuntu the root account is normally locked, and giving it a password with “passwd” unlocks it for direct logins; if you only needed your user’s password back, leave root alone.

After this there isn’t much to do but to reboot (just type “reboot” and hit enter, obviously).

But it’s asking my root password

As a safety feature in most distributions the single user / recovery shell is started through sulogin (or an equivalent), which asks for root’s password before you get a shell or can run any command via init.
To bypass this you’ll need to reach the partition where your /etc/shadow is located from outside the installed system (assuming you’re using shadow passwords, which is the default).

The easiest way to do this is to boot from an Ubuntu CD, mount the root partition and edit the shadow file there. Each line is colon-separated and the second field is the password hash. Replace it with a hash you know (for example one generated with “openssl passwd -1”) rather than blanking it: an empty field means “no password”, which Ubuntu’s PAM configuration only honours from local consoles, and it leaves the account wide open until you remember to set something. Keep the file’s owner and mode (root:shadow, 0640) when you write it back, or the login programs will refuse to read it.
I’ll be writing more information about this later.
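The offline edit described above, as an added example that is not part of the original post: a small POSIX shell script that rewrites one user’s hash in a shadow file you have mounted from a live CD. It assumes the target root partition is already mounted (e.g. at /mnt, so the file is /mnt/etc/shadow) and that you run it as root from the live system. The user name toni, the sample shadow contents and the replacement hash in the demo are made up.

```sh
#!/bin/sh
# Added example (not from the original post): offline reset of one user's
# password hash in a shadow file mounted from a live CD.
# Assumes the target root partition is already mounted, e.g. at /mnt,
# so the file to edit is /mnt/etc/shadow. Run as root from the live system.
set -eu

# Print the password field (field 2) of USER in SHADOW_FILE, nothing if absent.
shadow_hash_of() {
    awk -F: -v u="$2" '$1 == u { print $2 }' "$1"
}

# Replace field 2 of USER in SHADOW_FILE with NEW_HASH, leaving every other
# field (last change, min/max age, warn, inactive, expire) untouched.
# The new contents go to a temp file first and are then copied back through
# the existing inode, so owner, group and mode (root:shadow 0640 on Ubuntu)
# are preserved; if awk fails, the original file is never touched.
set_shadow_hash() {
    shadow_file=$1; user=$2; new_hash=$3
    awk -F: -v u="$user" '$1 == u { found = 1 } END { exit !found }' "$shadow_file" \
        || { echo "set_shadow_hash: no entry for $user in $shadow_file" >&2; return 1; }
    tmp=$(mktemp)
    awk -F: -v u="$user" -v h="$new_hash" \
        'BEGIN { OFS = ":" } $1 == u { $2 = h } { print }' "$shadow_file" > "$tmp"
    cat "$tmp" > "$shadow_file"
    rm -f "$tmp"
}

# Demo on a constructed shadow file (made-up users and hashes, not a real system).
demo_shadow_reset() {
    f=$(mktemp)
    cat > "$f" <<'EOF'
root:*:14600:0:99999:7:::
daemon:*:14600:0:99999:7:::
toni:$6$zZ9bQ1x3$forgotten.hash.value:14600:0:99999:7:::
EOF
    echo "before: $(shadow_hash_of "$f" toni)"
    # On a real machine produce the new hash with: openssl passwd -1 'newpassword'
    set_shadow_hash "$f" toni '$1$3x4mpl3$madeUpHashValueForTheDemo'
    echo "after:  $(shadow_hash_of "$f" toni)"
    rm -f "$f"
}

demo_shadow_reset
```

On a real system, generate the replacement hash first (openssl passwd -1 gives an MD5-crypt hash that any glibc of this era accepts), run set_shadow_hash /mnt/etc/shadow toni "$hash" from the live CD, then unmount and reboot into the installed system. Locked accounts (a “!” or “*” in the hash field, like root above) are left exactly as they were unless you name them explicitly.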

More?

Ideas, comments, better ways to do this, typos, etc.
Hit the comments and let me know!


This entry was posted on Sunday, January 3rd, 2010 at 00:35 and is filed under Tutorials. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

4 Responses to “Root Password Hacking”

  1. May 2nd, 2010 at 12:44

    erd commander 2007 Says:

    ERD Commander and Locksmith can also read the Windows password and user list and allow you to reset the password of one or all user accounts, irrespective of whether you know the previous password or not.

  2. May 3rd, 2010 at 02:38

    erd commander Says:

    There are a number of ways to reset a lost Admin password in Windows XP and Vista. In my opinion ERD Commander is one of the best methods available. Currently it is not available for download, but there are several sites hosting its older version; just Google it and you will find it.

  3. May 25th, 2010 at 18:27

    Toni Lähdekorpi Says:

    ERD has been eaten by Microsoft, it’s now part of Microsoft Diagnostics and Recovery Toolkit.

  4. December 12th, 2010 at 01:10

    Sabau George Says:

    Interesting blog, could you update often? :D
