Administrator password can be broken by replacing same file in system32config by the sam file in repair folder of windows.
It can be easily done on a machine with dual operating systems, simply log on to os other then the one whoes password is to be cracked
The way is exactly same as written above
But if there is a single OS on a machine then there is only one way i.e. to use ms dos start up disk or some other boot disk and replace the same file in config folder with the one in repair folder
Note:- this method works only if hard drive is FAT32 formatted because NTFS drive doesn’t take boot from Ms DOS
This way you can remove the old administrator password as if the windows is newly installed and the password wasn’t set