Windows® System Image Manager (Windows SIM) enables you to hide the passwords for the administrator account and any other user accounts on the local system in an answer file. Hiding passwords in an answer file prevents users from reading the answer file and identifying passwords for local accounts.

The settings that you can hide include:

This option only hides the passwords in an answer file and does not provide encryption or other security benefits. Consider answer files as sensitive data and be careful about authorizing access to your answer files.


Domain passwords, product keys, and other sensitive data may still be available as clear text in an answer file. You can hide only local account passwords in an answer file.

To hide account passwords in an answer file

  1. Open Windows SIM.

  2. Open a Windows image. For more information, see Open a Windows Image or Catalog File.

  3. Open or create an answer file. For more information, see Open an Answer File.

  4. Add one of the following password settings to your answer file:

    • Microsoft-Windows-Shell-Setup | AutoLogon | Password

    • Microsoft-Windows-Shell-Setup | UserAccounts | AdministratorPassword

    • Microsoft-Windows-Shell-Setup | UserAccounts | LocalAccounts | LocalAccount | Password

  5. Add a value to one or more of the password settings.

  6. On the Tools menu, check Hide Sensitive Data. This ensures that when the answer file is saved, the password information will be hidden.

  7. Save the answer file and close Windows SIM. The answer file must look similar to the following example:

       <component name="Microsoft-Windows-Shell-Setup" processorArchitecture="x86" publicKeyToken="31bf3856ad364e35" language="neutral" versionScope="nonSxS" xmlns:wcm="" xmlns:xsi="">
    			<LocalAccount wcm:action="add">

The <PlainText> element is added to the answer file by Windows SIM and is used during Windows Setup to denote whether or not the password is in plain text.

See Also