How to turn on the computer with a password? Windows password bypass

Prehistory

My friend has a password on a Microsoft account on a computer (Windows 10). Having searched the entire Internet, I did not find anything more useful, like replacing the on-screen keyboard with the command line and resetting the password using “net user login password”. And resetting the password is not an option. There was an idea using a safe mode or in Windows recovery mode to open a command prompt and create a new user, but the same password was required there and there. I was curious to find a loophole with my own hands and get around this protection. It is hardly interesting to anyone how I came to this method, so I’ll just describe the action plan.

Attention! In order to proceed, you need to replace osk.exe with cmd.exe in the folder “C: \ Windows \ System32”, which is also located there. Do not forget to backup osk.exe. This can be done in various ways: through the command line at the command line in Windows recovery mode from the installation disk, through any other installed system. I will describe the replacement method through osk.exe from under the Windows target. Yes, you understood correctly: in order to bypass the password, you must at least once gain access to the computer, that is, ask your parents to turn on the PC at least once.

Open the windows folder along the path “C: \ Windows”, find the system32 folder:


')
Open its properties, the Security tab, click Advanced. A window like this will open:



Open the Owner tab (on Windows 8.10, the Owner will be immediately under the name of the object and there will be a button to change), click Change, select Administrators, click OK and then OK again.

Make sure that the Administrator has full access:



Otherwise, click Edit, select "Administrators", put a tick "Full access". Save all changes.

Manipulations of the second step occur in the folder “C: \ Windows \ System32”. Back up (make a copy) osk.exe, then delete the original. Make a copy of cmd.exe with the name osk.exe. If everything worked out, then when you start the on-screen keyboard via the start-up, the command line should be displayed.

Next, press the two buttons on the keyboard at the same time: Start + R. The "Run" window will open and enter the control userpasswords2 command and click OK:



The User Accounts window opens.

1) Click "Add ..."
2) Create a username for a new account, set a password for it if you want, and in the third step of creating a user, select the Administrator access level



3) Save all changes and move on.

In the root of the "Local Disk C" create a text document and call it "1". This text document will simplify the execution of commands for traversing. In it you need to add the following two lines:

REG ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" /v ___ /t REG_DWORD /d 0 /f REG ADD "HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList" /v ___ /t REG_DWORD /d 1 /f 

Replace in each line "Your_Amount_Account_Arm_Enty" with the name of the account you previously created (without quotes). The first line hides your new account on the Windows Welcome screen, and the second line shows it in reverse. Save the text document. If you did everything correctly, then if you open the command line and type “C: \ 1.txt” there, then the same text document should be opened in a notebook. Go ahead.

In fact, everything is ready. What we have: the replaced on-screen keyboard on the command line, a new account, a text document that will prompt us commands. Now to the execution of the desired. Before you begin, open the command line and paste the first line of our text document there in order to hide the new user in the welcome screen. (In the command line, you must insert the right mouse button):

Make sure you have done all the steps correctly!

Now we reboot the computer and we are asked to enter a password. In the corner (usually in the lower left), you need to open the center of special features to put a tick "Enter text without a keyboard" (at least for me, but Windows 8, 10, I think, do not differ in the variety of text), click OK and the command will open. line. It is necessary to execute the command "C: \ 1.txt", you will open a text document, which we previously asked. Copy the second line and paste it into the command line. We make sure that the operation is successful , we restart the computer and see that the necessary account has appeared, we load it and it is ready, you can use all the capabilities of the computer without the need to enter a password. As soon as you load the account, open the command line and paste the first line of our text document there so that the account is already hidden after the reboot .

PS My friend, who first tried this method, said: "I searched the whole Internet, but did not find a normal way, except to reset the password." This led me to create this article.