Solved Windows 10 Reset password

NerdyDad

Okay, I know that I am going to get totally ridiculed for this but I need the information off of this drive.

My laptop fell off the domain the other day and I don't have any recent backups because Veeam flaked on me long ago. I tried to take it off of the domain and add it back, but when I rebooted to a workgroup, I was able to login. When I rebooted again, can't login. I have used the same password and every password that I typically use, but no luck. I don't have a password reset disk (and they can't be created in Windows 10 anymore). I've tried pulling the hard drive out and reading the contents, but keep getting an IO error. The drive has the latest of Windows 10 1703 on it and it is bitlockered.

Anybody have any tried and true solutions?

NerdyDad

Sorry, no pictures on this one as I don't have Windows 10 as a VM, but here's what I did to get into the problem computer:

1. At the locked screen, in the bottom right corner, press and hold down the shift key and click "Restart". Don't let go of the shift key until you come to the "Choose an option" screen.
2. Select the "Troubleshoot" option.
3. Select the "Advanced options" option.
4. Select "Command Prompt". You're computer will reboot and prompt for the bitlocker key (if it applies).
5. Now you have your command prompt. We need to inject a user and make them an administrator.
   5a) This line will create our user and set their password, locally only.
   net user <username> <password> /add
   5b) This will add the user to the local administrators group
   net localgroup administrators <username> /add
   5c) Now exit to return to the "Advanced options" screen and click "Power Off".
6. Power your computer back on and try your new credentials.

This doesn't work all of the time. I tried to create a new user in this method on another computer and it didn't work, but did work on the computer that I was having problems with.

black3dynamite

@nerdydad said in Windows 10 Reset password:

Okay, I know that I am going to get totally ridiculed for this but I need the information off of this drive.

My laptop fell off the domain the other day and I don't have any recent backups because Veeam flaked on me long ago. I tried to take it off of the domain and add it back, but when I rebooted to a workgroup, I was able to login. When I rebooted again, can't login. I have used the same password and every password that I typically use, but no luck. I don't have a password reset disk (and they can't be created in Windows 10 anymore). I've tried pulling the hard drive out and reading the contents, but keep getting an IO error. The drive has the latest of Windows 10 1703 on it and it is bitlockered.

Anybody have any tried and true solutions?

I was going to say use chntpw reset or enable administrator account but I'm not sure about getting passed bitlocker.

NerdyDad

Figured it out without any tools necessary. Will create a how-to here in a minute.

NerdyDad

Sorry, no pictures on this one as I don't have Windows 10 as a VM, but here's what I did to get into the problem computer:

1. At the locked screen, in the bottom right corner, press and hold down the shift key and click "Restart". Don't let go of the shift key until you come to the "Choose an option" screen.
2. Select the "Troubleshoot" option.
3. Select the "Advanced options" option.
4. Select "Command Prompt". You're computer will reboot and prompt for the bitlocker key (if it applies).
5. Now you have your command prompt. We need to inject a user and make them an administrator.
   5a) This line will create our user and set their password, locally only.
   net user <username> <password> /add
   5b) This will add the user to the local administrators group
   net localgroup administrators <username> /add
   5c) Now exit to return to the "Advanced options" screen and click "Power Off".
6. Power your computer back on and try your new credentials.

This doesn't work all of the time. I tried to create a new user in this method on another computer and it didn't work, but did work on the computer that I was having problems with.

black3dynamite

@nerdydad said in Windows 10 Reset password:

Sorry, no pictures on this one as I don't have Windows 10 as a VM, but here's what I did to get into the problem computer:

1. At the locked screen, in the bottom right corner, press and hold down the shift key and click "Restart". Don't let go of the shift key until you come to the "Choose an option" screen.
2. Select the "Troubleshoot" option.
3. Select the "Advanced options" option.
4. Select "Command Prompt". You're computer will reboot and prompt for the bitlocker key (if it applies).
5. Now you have your command prompt. We need to inject a user and make them an administrator.
   5a) This line will create our user and set their password, locally only.
   net user <username> <password> /add
   5b) This will add the user to the local administrators group
   net localgroup administrators <username> /add
   5c) Now exit to return to the "Advanced options" screen and click "Power Off".
6. Power your computer back on and try your new credentials.

This doesn't work all of the time. I tried to create a new user in this method on another computer and it didn't work, but did work on the computer that I was having problems with.

Instead of creating a user you can also enable the administrator account instead?

Dashrender

did you pull the bitlocker key out of AD somewhere? or was it bitlockered outside of AD and you had it printed out?

NerdyDad

@dashrender said in Windows 10 Reset password:

did you pull the bitlocker key out of AD somewhere? or was it bitlockered outside of AD and you had it printed out?

I keep all of my bitlocker keys on a separate NAS. I don't know enough about storing the keys inside AD to feel comfortable with doing that yet.