Following this tutorial will allow you to reset the administrator password in Windows 10 if you're locked out without a way to enter the system.
In order to follow the steps, we need a bootable USB with Windows 10, an installation ISO in a bootable USB will work.
Disclaimer
This tutorial is written for educational purposes, do not use it to enter a system that doesn't belong to you.
First of all, we need to boot the Windows at the USB, and access the CMD.
We will not cover this, 'cause I suppose you will have some experience booting into Windows installations.
Assign a letter to the partition
Probably the partition where Windows resides doesn't has a letter assigned to it.
To assign a letter we must follow the next steps, if your Windows' partition has a letter assigned to it, you can skip this section.
diskpart
We need to select the Windows' disk, in my case the disk 0.
list disk
sel disk 0
Next we select the primary partition where Windows is installed, in my case the partition 3
list part
sel part 3
I'm going to assign the letter t to the partition, you can use any letter as long as it's available.
assign letter=t:
exit
Access the drive
We need to enter to the Windows' partition, in my case it's at letter t, from there we need to go to Windows\System32.
t:
cd windows
cd system32
Once we're at System32 folder, we need to make a backup of the Utilman.exe utility.
copy Utilman.exe Utilman.exe.bak
Now we're going to replace Utilman.exe with cmd.exe, this will allow us to start a CMD using the Accessibility icon at the login screen.
copy cmd.exe Utilman.exe
Finally, we reboot our system.
shutdown /r /t 0
Reset the password
Once the system boots again, we should click the accesibility icon, which will launch a CMD.
Next, we should run this command indicating the username and new password, for example administrator as the username and 123456 as its password.
net user administrator 123456
Now we're able to log in again in our account.
Restore Utilman.exe
It's important to boot again using the USB so we can restore the Utilman.exe back to its original binary.
Probably you will need to assign to the partition a letter again.
Once you're at System32 again, you should copy it back, and remove the backup we've previously made.
copy Utilman.exe.bak Utilman.exe
del Utilman.exe.bak
Now the system it's no longer able to run a CMD if you click the Accesibility icon at the login screen.
Top comments (0)