Enabling Hidden Administrator Account on Windows (Offline Method)

1. Enter Windows Recovery Environment:
   • Restart your computer and boot into the Windows Recovery Environment (WinRE).
2. Open Command Prompt:
   • Once in WinRE, open the Command Prompt.
3. Access Windows Registry:
   • Type regedit and press Enter to open the Registry Editor.
4. Load Hive:
   • Highlight the HKEY_LOCAL_MACHINE key.
   • From the File menu, select Load Hive.
5. Navigate to Configuration Directory:
   • Navigate to the C:\Windows\System32\Config directory.
6. Load the SAM File:
   • Highlight the SAM file and click the Open button.
7. Assign a Temporary Key Name:
   • When prompted, type temp as the key name and click OK.
8. Navigate to the Appropriate Registry Key:
   • Under the HKEY_LOCAL_MACHINE key, expand the newly created temp key.
   • Navigate to SAM > Domains > Account > Users > 000001F4.
9. Edit the F Value:
   • Double-click the F value.
   • Use the down arrow key to navigate to the line 0038.
   • Replace 11 with 10.
10. Save Changes and Unload Hive:
    • Click OK to save changes.
    • Highlight the temp key, and from the File menu, choose Unload Hive to write back the changes to the registry.
11. Close Registry Editor and Restart:
    • Close the Registry Editor.
    • Close Command Prompt.
    • Restart your computer normally.
12. Verify Administrator Account:
    • After restarting, the Administrator account should be enabled.

Disabling the Administrator Account (After Use)

1. Open Command Prompt:
   • Open Command Prompt by typing cmd into the Start menu search box and selecting it.
2. Disable Administrator Account:
   • Type the following command to disable the Administrator account: net user administrator /active:no
   • Press Enter.
3. Close Command Prompt and Verify:
   • Close Command Prompt.
   • Verify that the Administrator account is disabled.

Final Note

• Ensure to disable the Administrator account after completing your tasks to avoid any security risks.