I have a customer with a Windows 10 PC which is blocking attempts to
login, using (as far as he knows) the same Windows password that always worked. The PC is set to use a Microsoft account rather than a local
account (I knew there was a reason why I set my Win7 and Win10 PCs to
use local accounts!)
I have a customer with a Windows 10 PC which is blocking attempts to login, >using (as far as he knows) the same Windows password that always worked. The >PC is set to use a Microsoft account rather than a local account (I knew >there was a reason why I set my Win7 and Win10 PCs to use local accounts!)
Is there any way of bypassing Windows security to be able to access the >browser's list of saved IDs and passwords for websites?
Unfortunately, any attempt to reset the password is stuck in a deadly >embrace: the only "back door" is to send a code in an email to a Talktalk >address whose password he doesn't know because he never uses it: it's always >saved and supplied by his browser. The "back door" for Talktalk offers to >send its code to 1) the same address (circular argument!), 2) a BT Internet >address whose password he doesn't know, 3) a mobile phone number that he no >longer has access to. Attempts to reset the BT Internet email password seem >to disappear into a black hole: I seem to have changed the password >successfully but the new username/password don't let me in. I have a feeling >of chasing my tail :-(
Talktalk seemed to be very unhelpful. It doesn't help that the email account >is "orphaned": it exists as an email address but there is no longer a >broadband account associated with it, because he changed in the past to use >BT Internet for broadband. So we can't use the bank account that pays the TT >direct debit as a form of validation.
(For the future, I will make damn sure that he has a written record of all >the details which work, and that "back door" validation codes are sent to >*other* email accounts and not the the same one whose details I've
forgotten. All the "circular references" and references to phone numbers
that no longer exist happened long before I was involved...)
Any suggestions? A password reset utility would get him into the PC, but >maybe at the expense of not allowing access to browser-saved >usernames/passwords, so it would solve on problem but leave another >(accessing his emails) still remaining. And reinstalling Windows would lose >everything of the personalisation, even if I first saved his >c:\users\<username> tree structure.
Windows password recovery<
NY wrote:
I have a customer with a Windows 10 PC which is blocking attempts to login, using (as far as he knows) the same
Windows password that always worked. The PC is set to use a Microsoft account rather than a local account (I knew
there was a reason why I set my Win7 and Win10 PCs to use local accounts!)
[snip]
It should be possible to create a "local administrator" account, see:
<https://www.isumsoft.com/windows-10/create-administrator-account-when-cant-sign-in-windows-10.html>
Google might find other ways ...
I have a customer with a Windows 10 PC which is blocking attempts to login, using (as far as he knows) the same Windows
password that always worked. The PC is set to use a Microsoft account rather than a local account (I knew there was a
reason why I set my Win7 and Win10 PCs to use local accounts!)
Is there any way of bypassing Windows security to be able to access the browser's list of saved IDs and passwords for
websites?
Unfortunately, any attempt to reset the password is stuck in a deadly embrace: the only "back door" is to send a code in
an email to a Talktalk address whose password he doesn't know because he never uses it: it's always saved and supplied
by his browser. The "back door" for Talktalk offers to send its code to 1) the same address (circular argument!), 2) a
BT Internet address whose password he doesn't know, 3) a mobile phone number that he no longer has access to. Attempts
to reset the BT Internet email password seem to disappear into a black hole: I seem to have changed the password
successfully but the new username/password don't let me in. I have a feeling of chasing my tail :-(
Talktalk seemed to be very unhelpful. It doesn't help that the email account is "orphaned": it exists as an email
address but there is no longer a broadband account associated with it, because he changed in the past to use BT Internet
for broadband. So we can't use the bank account that pays the TT direct debit as a form of validation.
(For the future, I will make damn sure that he has a written record of all the details which work, and that "back door"
validation codes are sent to *other* email accounts and not the the same one whose details I've forgotten. All the
"circular references" and references to phone numbers that no longer exist happened long before I was involved...)
Any suggestions? A password reset utility would get him into the PC, but maybe at the expense of not allowing access to
browser-saved usernames/passwords, so it would solve on problem but leave another (accessing his emails) still
remaining. And reinstalling Windows would lose everything of the personalisation, even if I first saved his
c:\users\<username> tree structure.
I have a customer with a Windows 10 PC which is blocking attempts to login, using (as far as he knows) the same Windows password that always worked. The PC is set to use a Microsoft account rather than a local account (I knew there was a reason why I set my Win7 and Win10 PCs to use local accounts!)
Is there any way of bypassing Windows security to be able to access the browser's list of saved IDs and passwords for websites?
On 2/27/23 09:03, this is what NY wrote:
I have a customer with a Windows 10 PC which is blocking attempts to
login, using (as far as he knows) the same Windows password that
always worked. The PC is set to use a Microsoft account rather than a
local account (I knew there was a reason why I set my Win7 and Win10
PCs to use local accounts!)
Is there any way of bypassing Windows security to be able to access
the browser's list of saved IDs and passwords for websites?
If you want the browser passwords, I'd boot a live Linux CD, copy the
browser profile folder like %APPDATA%\firefox to the /home/mint/.mozilla/firefox folder on the live cd while it's running.
You could then launch firefox and see the passwords etc.
You don't says what browser.
I have a customer with a Windows 10 PC which is blocking attempts to login, using (as far as he knows) the same Windows
password that always worked. The PC is set to use a Microsoft account rather than a local account (I knew there was a
reason why I set my Win7 and Win10 PCs to use local accounts!)
Is there any way of bypassing Windows security to be able to access the browser's list of saved IDs and passwords for
websites?
If you want the browser passwords, I'd boot a live Linux CD, copy the
browser profile folder like %APPDATA%\firefox to the /home/mint/.mozilla/firefox folder on the live cd while it's running. You could then launch firefox and see the passwords etc.
You don't says what browser.
There isn't a "Forgot Password" link in the Windows login screen? The following article mentions a "Reset password" link on the sign-in
screen. The problem is if the user has forgotten their login password
then perhaps they also forgot their answers to the security questions.
I have a customer with a Windows 10 PC which is blocking attempts to login, using (as far as he knows) the same Windows password that always worked. The PC is set to use a Microsoft account rather than a local account (I knew there was a reason why Iset my Win7 and Win10 PCs to use local accounts!)
Is there any way of bypassing Windows security to be able to access the browser's list of saved IDs and passwords for websites?browser. The "back door" for Talktalk offers to send its code to 1) the same address (circular argument!), 2) a BT Internet address whose password he doesn't know, 3) a mobile phone number that he no longer has access to. Attempts to reset the BT
Unfortunately, any attempt to reset the password is stuck in a deadly embrace: the only "back door" is to send a code in an email to a Talktalk address whose password he doesn't know because he never uses it: it's always saved and supplied by his
Talktalk seemed to be very unhelpful. It doesn't help that the email account is "orphaned": it exists as an email address but there is no longer a broadband account associated with it, because he changed in the past to use BT Internet for broadband. Sowe can't use the bank account that pays the TT direct debit as a form of validation.
(For the future, I will make damn sure that he has a written record of all the details which work, and that "back door" validation codes are sent to *other* email accounts and not the the same one whose details I've forgotten. All the "circularreferences" and references to phone numbers that no longer exist happened long before I was involved...)
Any suggestions? A password reset utility would get him into the PC, but maybe at the expense of not allowing access to browser-saved usernames/passwords, so it would solve on problem but leave another (accessing his emails) still remaining. Andreinstalling Windows would lose everything of the personalisation, even if I first saved his c:\users\<username> tree structure.
"VanguardLH" <V@nguard.LH> wrote in message news:1oomtpbw2hlgn$.dlg@v.nguard.lh...
There isn't a "Forgot Password" link in the Windows login screen? The
following article mentions a "Reset password" link on the sign-in
screen. The problem is if the user has forgotten their login password
then perhaps they also forgot their answers to the security questions.
I did try that: Windows tries to use the email/phone detail that you configured when you created the user, but if offers to use a browser
instead, with a long URL of random characters. Brilliant: took some typing and checking, but I did it. However the information that it asked for (name, date of birth, previous passwords allocated before the current unknown one, etc) was not sufficient for it to authorise recovery of the password. It may even have been asking for some information that the customer had never set.
I'm glad I wasn't responsible for setting up the various systems so as to
use the same address for recovery as the one that I was trying to access, or to use a mobile phone number that no longer existed. It's a matter of thinking "I've changed my phone" or "I no longer have access to this email" and changing the places where those details are used for recovering a password on something unrelated.
I'll also set the Windows recovery to use his mobile phone number and a newly-created gmail account, and set Talktalk to use that gmail account - anything to break the deadly embrace of defining email address X as the recovery address for the password of account X ;-)
It was a case of one damn thing after another: each email account used
either itself, or else another account for which we didn't have the
password, or else an obsolete mobile phone number which he couldn't even *remember* let alone access. He'd kept a record of account details and passwords - but unfortunately all the entries were out of date and didn't help :-(
I have a customer with a Windows 10 PC which is blocking attempts to
login, using (as far as he knows) the same Windows password that always worked. The PC is set to use a Microsoft account rather than a local
account (I knew there was a reason why I set my Win7 and Win10 PCs to
use local accounts!)
Is there any way of bypassing Windows security to be able to access the browser's list of saved IDs and passwords for websites?
Unfortunately, any attempt to reset the password is stuck in a deadly embrace: the only "back door" is to send a code in an email to a
Talktalk address whose password he doesn't know because he never uses
it: it's always saved and supplied by his browser. The "back door" for Talktalk offers to send its code to 1) the same address (circular
argument!), 2) a BT Internet address whose password he doesn't know, 3)
a mobile phone number that he no longer has access to. Attempts to reset
the BT Internet email password seem to disappear into a black hole: I
seem to have changed the password successfully but the new
username/password don't let me in. I have a feeling of chasing my tail :-(
Talktalk seemed to be very unhelpful. It doesn't help that the email
account is "orphaned": it exists as an email address but there is no
longer a broadband account associated with it, because he changed in the
past to use BT Internet for broadband. So we can't use the bank account
that pays the TT direct debit as a form of validation.
(For the future, I will make damn sure that he has a written record of
all the details which work, and that "back door" validation codes are
sent to *other* email accounts and not the the same one whose details
I've forgotten. All the "circular references" and references to phone
numbers that no longer exist happened long before I was involved...)
Any suggestions? A password reset utility would get him into the PC, but maybe at the expense of not allowing access to browser-saved usernames/passwords, so it would solve on problem but leave another (accessing his emails) still remaining. And reinstalling Windows would
lose everything of the personalisation, even if I first saved his c:\users\<username> tree structure.
And I wrote down all the passwords, together with a description of what
each one was used for, and said "keep these safe and remember to update
these pieces of paper if you change the email/Windows passwords or your mobile phone number in future".
I have a customer with a Windows 10 PC which is blocking attempts to
login, using (as far as he knows) the same Windows password that always worked. The PC is set to use a Microsoft account rather than a local
account (I knew there was a reason why I set my Win7 and Win10 PCs to
use local accounts!)
Is there any way of bypassing Windows security to be able to access the browser's list of saved IDs and passwords for websites?
Unfortunately, any attempt to reset the password is stuck in a deadly embrace: the only "back door" is to send a code in an email to a
Talktalk address whose password he doesn't know because he never uses
it: it's always saved and supplied by his browser. The "back door" for Talktalk offers to send its code to 1) the same address (circular
argument!), 2) a BT Internet address whose password he doesn't know, 3)
a mobile phone number that he no longer has access to. Attempts to reset
the BT Internet email password seem to disappear into a black hole: I
seem to have changed the password successfully but the new
username/password don't let me in. I have a feeling of chasing my tail :-(
Could a Windows update have affected it? I noticed that Windows had downloaded V22H2 of Win 11, together with a few other things that I
forgot to note down from Windows Update | Update History. That took a
*long* time to install - I went home, hand my lunch and came back a few
hours later, having left the PC to do its thing.
And I wrote down all the passwords, together with a description of what
each one was used for, and said "keep these safe and remember to update
these pieces of paper if you change the email/Windows passwords or your mobile phone number in future".
As to why it happened, goodness knows. He swears blind that he used the original Windows password when he used logged on to the PC on Friday, then brought it out of sleep (not even startup from having been shutdown) on Saturday and the same passwordwas rejected. All rather worrying.
Could a Windows update have affected it?
On 3/2/2023 4:23 PM, NY wrote:was rejected. All rather worrying.
As to why it happened, goodness knows. He swears blind that he used the original Windows password when he used logged on to the PC on Friday, then brought it out of sleep (not even startup from having been shutdown) on Saturday and the same password
Could a Windows update have affected it?
Obviously, he had Windows 11 installed over Windows 10, very very recently. >Golly, I wonder how that happened. Yet another mystery for the XFiles.
Look in C:\Windows.old for proof. If you have a Windows.old, then
the Windows has changed versions on you. Windows.old will auto-delete
after some number of days. (You can "revert" to Win10 again, if
Windows.old still exists.)
There are people who will claim this can't happen, unless you "click something".
Dunno. It's all just too suspicious.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 297 |
Nodes: | 16 (2 / 14) |
Uptime: | 00:34:43 |
Calls: | 6,666 |
Calls today: | 4 |
Files: | 12,212 |
Messages: | 5,335,396 |