Old loophole makes it easy to hack and reset the Windows 10 user password

Users who forgot the password they use to log in to Windows 10 can easily regain access to the operating system. Obviously, the method can also be abused for less innocuous reasons: an easy-to-abuse loophole that already existed in earlier versions of Windows still works in Windows 10.

The loophole works by gaining filesystem access to the disk where Windows 10 is installed and replacing the onscreen keyboard with the command prompt. The onscreen keyboard is part of the Windows 10 accessibility options and lets the user enter text with a pointing device, such as a mouse, when no keyboard is available. The onscreen keyboard can be used to enter a password or PIN at the Windows 10 login screen.

Filesystem access to Windows 10 is easily obtained, e.g. by using a USB drive with a live Linux version installed, Apple's Boot Camp, or simply the 'Repair computer' feature of Windows 10. The latter gives access to the command prompt in its Advanced Troubleshooting section and is the easiest solution.

No matter how an attacker gains access to the Windows 10 file system, once he has it he can simply navigate to C:\Windows\System32 and rename osk.exe (the onscreen keyboard) to osk.old (placeholder name). The next step is renaming cmd.exe to osk.exe, which replaces the onscreen keyboard functionality with the command prompt. The onscreen keyboard can then be selected in the accessibility options on the Windows 10 login screen.

When the files are properly renamed, the onscreen keyboard no longer appears; the command prompt is shown instead. By simply using the command 'net user <USERNAME in quotes> <PASSWORD>', he can change the password of any Windows 10 user on the system.

For a trained attacker this takes only a few minutes. Although the attacker requires physical access to the computer, it's a great trick for students to gain access to their teacher's computer or for unprivileged users to gain access to computers with confidential data.

It's strange that Microsoft still hasn't fixed such an easy-to-abuse loophole; a quick Google search shows that the trick has existed at least since Windows Vista.
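
A defender can check a machine for the swap described above. The following PowerShell is an added example, not code from the original article; the function name Test-OskTampering is hypothetical, and it assumes the default System32 location and the rename of cmd.exe to osk.exe that the article describes.

```powershell
# Added example: look for signs that osk.exe was replaced with cmd.exe.
# Run in PowerShell 5.1 or later on the machine being checked.
# A signature check alone would not catch this: cmd.exe is also Microsoft-signed.
function Test-OskTampering {
    param(
        [string]$System32 = (Join-Path $env:SystemRoot 'System32')
    )
    $osk = Join-Path $System32 'osk.exe'
    $cmd = Join-Path $System32 'cmd.exe'
    $findings = New-Object System.Collections.Generic.List[string]

    if (-not (Test-Path -LiteralPath $osk)) {
        $findings.Add('osk.exe is missing')
    } else {
        # The version resource travels with a file when it is renamed.
        # The value may carry a .MUI suffix, so match on the prefix only.
        $orig = (Get-Item -LiteralPath $osk).VersionInfo.OriginalFilename
        if ($orig -notmatch '^osk\.exe') {
            $findings.Add("osk.exe reports OriginalFilename '$orig'")
        }
    }

    # The article renames cmd.exe, so the name cmd.exe disappears from System32.
    if (-not (Test-Path -LiteralPath $cmd)) {
        $findings.Add('cmd.exe is missing from System32')
    } elseif (Test-Path -LiteralPath $osk) {
        # Also flag the case where both names hold the same binary.
        $h1 = (Get-FileHash -LiteralPath $osk -Algorithm SHA256).Hash
        $h2 = (Get-FileHash -LiteralPath $cmd -Algorithm SHA256).Hash
        if ($h1 -eq $h2) { $findings.Add('osk.exe is byte-identical to cmd.exe') }
    }

    # Leftover backup of the real keyboard, such as the article's osk.old.
    Get-ChildItem -LiteralPath $System32 -Filter 'osk.*' -File |
        Where-Object { $_.Name -ne 'osk.exe' } |
        ForEach-Object { $findings.Add("unexpected file $($_.Name) next to osk.exe") }

    return $findings
}

$result = @(Test-OskTampering)
if ($result.Count -eq 0) { 'osk.exe looks intact' } else { $result }
```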

Method #2: Reset Windows 10 Password with iSeePassword Windows Password Recovery Pro

If you are serious about getting your problem solved, you first need to download the correct tool to help you. iSeePassword Windows Password Recovery Pro is one such freeware password removal tool available on the internet that can easily sort out your issue. It generally resets a lost or forgotten Windows login password without actually re-installing the Windows OS. Consequently, no data is lost during the process of password removal.

iSeePassword Windows Password Recovery Pro Features:

  • It protects your system from losing any data while the operation proceeds.
  • No internet connection is required.
  • No special technical skills are required.
  • It is compatible with almost all types of laptops, such as Dell, Toshiba, Lenovo, HP, Acer, etc.
  • It removes all types of account passwords, be it admin accounts, domain accounts, root accounts, etc.
  • Attractive graphic interface.
  • It supports all types of Windows OS versions, such as Windows XP / 10 / 8 / 10.

The process will take a few moments, and the system will then restart immediately. The next time it turns on, there will be no password prompt on the login screen anymore.
