Password Reset Disks Technical Overview
Applies To: Windows 7, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2, Windows Vista
This topic for the IT professional explains password reset disks and how they store a user's password beginning with Windows Server 2008 and Windows Vista.
What is a password reset disk?
It is not unusual for users to forget the passwords to their local user accounts from time to time, especially when they use strong passwords. Before the advent of password reset disks, the only way for administrators to recover a forgotten local user account password was to reset the password manually. Because the keys that protect the user's data are derived from the user's password, and an administrative reset does not re-protect them with the new password, the following information was lost in the process:
E-mail that was encrypted with the user's public key
Internet passwords that were saved on the computer
Files that the user had encrypted
Password reset disks offer another solution to the problem of a forgotten local user account password. If users create password reset disks for their local accounts before they forget their passwords, they can reset the passwords themselves without losing the data that an administrative password reset would destroy.
Windows provides a utility to create a password reset disk from the Secure Desktop, through the Change Password utility. The reset disk holds an encrypted password file saved to a removable storage device; when the user later forgets the password, the file on the device is used to regain access to the user's account on the local computer. A password reset disk can only be used on the computer on which it was created.
How password reset disks work
When you create a password reset disk, a public key and private key pair is generated. The private key is written to the password reset disk, which contains only one file, userkey.psw. The public key stays on the computer and is used to encrypt the current local user account password; the resulting encrypted password is also kept on the computer, which is why the disk works only on the computer that created it. If users forget their passwords, they insert the password reset disk, and the private key on it decrypts the stored copy of the current password. The Password Reset Wizard then prompts the user for a new password, changes the account password from the recovered old password to the new one, and encrypts the new password with the same public key so that the disk remains usable. No data is lost because the wizard performs an ordinary password change rather than an administrative reset, so the keys that protect the user's encrypted files, e-mail and saved Internet passwords are re-protected with the new password.
It is essential that password reset disks be stored in secured locations. Possession of the disk is equivalent to possession of the account's password on that computer: anyone holding it can set a new password for the account, without knowing the current one, and the disk is not invalidated by the reset, because the new password is encrypted with the same public key.
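The key-escrow scheme described above, as an added example in Go that is not part of this topic or of Windows itself. It models the two sides of the design: the computer keeps the public key and the current password encrypted under it, the "disk" holds only the private key, and a reset is an ordinary password change driven by the recovered old password, followed by re-encryption of the new password. The type and function names, the SHA-256 password verifier and the use of RSA-OAEP are assumptions made for illustration; Windows' actual storage formats are not modelled.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
	"fmt"
)

// ResetDisk models the removable media: only the private half of the key pair
// (what Windows keeps in userkey.psw). Names here are assumptions for this example.
type ResetDisk struct {
	PrivateKey *rsa.PrivateKey
}

// LocalAccount models what the computer keeps: a password verifier (a plain
// SHA-256 stand-in, not a real password hash), the public key, and the
// current password encrypted under that key.
type LocalAccount struct {
	verifier          [32]byte
	publicKey         *rsa.PublicKey
	encryptedPassword []byte
}

func NewLocalAccount(password string) *LocalAccount {
	return &LocalAccount{verifier: sha256.Sum256([]byte(password))}
}

// Verify checks a password against the stored verifier in constant time.
func (a *LocalAccount) Verify(password string) bool {
	h := sha256.Sum256([]byte(password))
	return subtle.ConstantTimeCompare(h[:], a.verifier[:]) == 1
}

// escrow encrypts the current password under the account's public key, so the
// same disk keeps working after every password change.
func (a *LocalAccount) escrow(password string) error {
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, a.publicKey, []byte(password), nil)
	if err != nil {
		return err
	}
	a.encryptedPassword = ct
	return nil
}

// ChangePassword is the ordinary change path: it requires the old password,
// which is what lets password-derived keys (DPAPI, EFS) be re-protected.
func (a *LocalAccount) ChangePassword(oldPassword, newPassword string) error {
	if !a.Verify(oldPassword) {
		return errors.New("old password does not match")
	}
	a.verifier = sha256.Sum256([]byte(newPassword))
	if a.publicKey != nil {
		return a.escrow(newPassword)
	}
	return nil
}

// CreateResetDisk generates the key pair, keeps the public key and the escrowed
// current password on the computer, and hands the private key back as the disk.
func (a *LocalAccount) CreateResetDisk(currentPassword string) (*ResetDisk, error) {
	if !a.Verify(currentPassword) {
		return nil, errors.New("current password does not match")
	}
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	a.publicKey = &priv.PublicKey
	if err := a.escrow(currentPassword); err != nil {
		return nil, err
	}
	return &ResetDisk{PrivateKey: priv}, nil
}

// ResetWithDisk is the Password Reset Wizard path: recover the forgotten
// password with the disk's private key, then perform an ordinary change with it
// (which also re-escrows the new password under the same public key).
func (a *LocalAccount) ResetWithDisk(disk *ResetDisk, newPassword string) error {
	if a.publicKey == nil || a.encryptedPassword == nil {
		return errors.New("no reset disk was created for this account")
	}
	old, err := rsa.DecryptOAEP(sha256.New(), nil, disk.PrivateKey, a.encryptedPassword, nil)
	if err != nil {
		return errors.New("this disk was not created for this account on this computer")
	}
	return a.ChangePassword(string(old), newPassword)
}

func main() {
	acct := NewLocalAccount("Winter2009!") // constructed sample account
	disk, err := acct.CreateResetDisk("Winter2009!")
	if err != nil {
		panic(err)
	}
	// The user forgets the password; the disk resets it without an administrator.
	if err := acct.ResetWithDisk(disk, "Spring2010!"); err != nil {
		panic(err)
	}
	fmt.Println("new password accepted:", acct.Verify("Spring2010!"))
	// A later ordinary change does not invalidate the disk.
	_ = acct.ChangePassword("Spring2010!", "Summer2010!")
	fmt.Println("disk still valid:", acct.ResetWithDisk(disk, "Autumn2010!") == nil)
}
```

The last two lines of main are the point a practitioner should take from the model: the disk works after any number of password changes, and a disk created for a different account (or computer) fails at the decryption step, which is the only binding between disk and machine.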
For more information on how to create a password reset disk, see Create a Password Reset Disk.
If the user has forgotten the logon password, the account can still be accessed once the reset disk is inserted. On the Secure Desktop, a message prompts the user to select the password reset disk, which starts the Password Reset Wizard. The wizard guides the user through the steps to set a new password.